Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trendmicro smart protection server vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2016-6266
ccca_ajaxhandler.php in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) host or (2) apikey parameter in a register actio...
Trendmicro Smart Protection Server 2.5
Trendmicro Smart Protection Server 2.6
Trendmicro Smart Protection Server 3.0
7.8
CVSSv3
CVE-2016-6268
Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webserv users to execute arbitrary code with root privileges via a Trojan horse .war file in the Solr webapps directory.
Trendmicro Smart Protection Server 2.5
Trendmicro Smart Protection Server 2.6
Trendmicro Smart Protection Server 3.0
8.8
CVSSv3
CVE-2016-6267
SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) spare_Community, (2) spare_AllowGroupIP, or (3) spare_Allow...
Trendmicro Smart Protection Server 2.5
Trendmicro Smart Protection Server 2.6
Trendmicro Smart Protection Server 3.0
9.1
CVSSv3
CVE-2016-6269
Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allow remote malicious users to read and delete arbitrary files via the tmpfname parameter to (1) log_mgt_adhocquery_ajaxhan...
Trendmicro Smart Protection Server 2.5
Trendmicro Smart Protection Server 2.6
Trendmicro Smart Protection Server 3.0
8.8
CVSSv3
CVE-2017-11395
Command injection vulnerability in Trend Micro Smart Protection Server (Standalone) 3.1 and 3.2 server administration UI allows attackers with authenticated access to execute arbitrary code on vulnerable installations.
Trendmicro Smart Protection Server 3.1
Trendmicro Smart Protection Server 3.2
9.8
CVSSv3
CVE-2018-6231
A server auth command injection authentication bypass vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.3 and below could allow remote malicious users to escalate privileges on vulnerable installations.
Trendmicro Smart Protection Server
8.8
CVSSv3
CVE-2017-11398
A session hijacking via log disclosure vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an unauthenticated malicious user to hijack active user sessions to perform authenticated requests on a vulnerable system.
Trendmicro Smart Protection Server
1 EDB exploit
9.8
CVSSv3
CVE-2017-14097
An improper access control vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an malicious user to decrypt contents of a database with information that could be used to access a vulnerable system.
Trendmicro Smart Protection Server
1 EDB exploit
9.8
CVSSv3
CVE-2017-14094
A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an malicious user to perform remote command execution via a cron job injection on a vulnerable system.
Trendmicro Smart Protection Server
1 EDB exploit
8.1
CVSSv3
CVE-2017-14095
A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an malicious user to perform remote command execution via a local file inclusion on a vulnerable system.
Trendmicro Smart Protection Server
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »