Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trendmicro threat discovery appliance vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2016-8587
dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and previous versions allows remote authenticated users to execute arbitrary code via an archive file containing a symlink to /eng_ptn_stores/prod/sensorSDK/data/ or /eng_ptn_stores/prod/sensorSDK/backup_p...
Trendmicro Threat Discovery Appliance
8.8
CVSSv3
CVE-2016-8585
admin_sys_time.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and previous versions allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the timezone parameter.
Trendmicro Threat Discovery Appliance
8.8
CVSSv3
CVE-2016-8586
detected_potential_files.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and previous versions allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.
Trendmicro Threat Discovery Appliance
7.3
CVSSv3
CVE-2016-8588
The hotfix_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and previous versions allows remote authenticated users to execute arbitrary code via shell metacharacters in the file name of an uploaded file.
Trendmicro Threat Discovery Appliance
8.8
CVSSv3
CVE-2016-8589
log_query_dae.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and previous versions allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.
Trendmicro Threat Discovery Appliance
8.8
CVSSv3
CVE-2016-8590
log_query_dlp.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and previous versions allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.
Trendmicro Threat Discovery Appliance
8.8
CVSSv3
CVE-2016-8591
log_query.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and previous versions allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.
Trendmicro Threat Discovery Appliance
8.8
CVSSv3
CVE-2016-8592
log_query_system.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and previous versions allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.
Trendmicro Threat Discovery Appliance
8.8
CVSSv3
CVE-2016-8593
Directory traversal vulnerability in upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and previous versions allows remote authenticated users to execute arbitrary code via a .. (dot dot) in the dID parameter.
Trendmicro Threat Discovery Appliance
9.8
CVSSv3
CVE-2016-8584
Trend Micro Threat Discovery Appliance 2.6.1062r1 and previous versions uses predictable session values, which allows remote malicious users to bypass authentication by guessing the value.
Trendmicro Threat Discovery Appliance
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »