CVE-2016-6598

EPSS 36.87% · P97 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2016-6598

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service (FileStorageService) on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to upload a file to the web root and achieve code execution as NETWORK SERVICE or SYSTEM.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

BMC Track-It! 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

BMC Track-It!是美国BMC Software公司的一套专为中小企业提供的全面集成的IT帮助台和资产管理解决方案。该方案提供工单跟踪、变更管理、流程自动化、资产清单和资产管理等功能。 BMC Track-It! 11.4 Hotfix 3之前的11.4版本中存在安全漏洞。攻击者可利用该漏洞向任意路径上传文件并以NETWORK SERVICE或SYSTEM权限执行代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2016-6598

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2016-6598

Please Login to view more intelligence information

https://github.com/pedrib/PoC/blob/master/advisories/bmc-track-it-11.4.txtx_refsource_MISC
http://packetstormsecurity.com/files/146110/BMC-Track-It-11.4-Code-Execution-Information-Disclosure.htmlx_refsource_MISC
http://seclists.org/fulldisclosure/2018/Jan/92mailing-listx_refsource_FULLDISC
https://nvd.nist.gov/vuln/detail/CVE-2016-6598

Same Patch Batch · n/a · 2018-01-30 · 22 CVEs total

CVE-2018-6380		Joomla! 跨站脚本漏洞
CVE-2018-6408		Conceptronic CIPCAMPTIWL 跨站请求伪造漏洞
CVE-2018-6407		Conceptronic CIPCAMPTIWL 安全漏洞
CVE-2018-6406		libwebm 安全漏洞
CVE-2018-6405		ImageMagick 安全漏洞
CVE-2018-6195		WordPress Splashing Images插件代码注入漏洞
CVE-2018-6194		WordPress Splashing Images插件跨站脚本漏洞
CVE-2018-5441		PHOENIX CONTACT mGuard 安全漏洞
CVE-2016-6599		BMC Track-It! 安全漏洞
CVE-2011-2902		Debian unstable和Debian squeeze Xpdf 安全漏洞
CVE-2017-1000141		Mahara 18.10.0前版本账户管理漏洞
CVE-2018-6382		MantisBT 安全漏洞
CVE-2018-6379		Joomla! 跨站脚本漏洞
CVE-2018-6377		Joomla! 跨站脚本漏洞
CVE-2018-6376		Joomla! SQL注入漏洞
CVE-2018-6355		iBall 300M 跨站脚本漏洞
CVE-2014-4705		多款Huawei产品eSap software platform 缓冲区错误漏洞
CVE-2017-17969		7-Zip和p7zip 缓冲区错误漏洞
CVE-2018-6398		Joomla! CP Event Calendar SQL注入漏洞
CVE-2018-6397		Joomla! Picture Calendar 路径遍历漏洞

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2016-6598

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2016-6598

I. Basic Information for CVE-2016-6598

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2016-6598

III. Intelligence Information for CVE-2016-6598

Same Patch Batch · n/a · 2018-01-30 · 22 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2016-6598

Leave a comment