CVE-2018-6225

MEDIUM

Trend Micro Email Encryption Gateway 5.5 - Authenticated XML External Entity Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-6225. PoCs published by Core Security.

AI-analyzed exploit summary This exploit demonstrates a man-in-the-middle attack against Trend Micro Email Encryption Gateway's insecure update mechanism, allowing arbitrary file writes and root command execution via a malicious RPM file or cron job injection.

Description

An XML external entity injection (XXE) vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an authenticated user to expose a normally protected configuration script.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Core Security · textwebappsjsp

https://www.exploit-db.com/exploits/44166

View Code ZIP pw:eip

This exploit demonstrates a man-in-the-middle attack against Trend Micro Email Encryption Gateway's insecure update mechanism, allowing arbitrary file writes and root command execution via a malicious RPM file or cron job injection.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Trend Micro Email Encryption Gateway 5.5 (Build 1111.00)

No auth needed

Prerequisites: Man-in-the-middle position · Victim system initiating an update check

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter T1036 - Masquerading

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/44166/

Patch, Vendor Advisory x_refsource_confirm

https://success.trendmicro.com/solution/1119349

Exploit, Technical Description, Third Party Advisory x_refsource_misc

https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities

Scores

CVSS v3 4.3

EPSS 0.0413

EPSS Percentile 89.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-611

Status published

Products (1)

trendmicro/email_encryption_gateway 5.5

Published Mar 15, 2018

Tracked Since Feb 18, 2026