Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
interscan web security virtual appliance vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-8465
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to manipulate system updates using a combination of CSRF bypass (CVE-2020-8461) and authentication bypass (CVE-2020-8464) to execute code as user root.
Trendmicro Interscan Web Security Virtual Appliance 6.5
9
CVSSv2
CVE-2020-28580
A command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote malicious user to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.
Trendmicro Interscan Web Security Virtual Appliance 6.5
9
CVSSv2
CVE-2020-28581
A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote malicious user to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.
Trendmicro Interscan Web Security Virtual Appliance 6.5
9
CVSSv2
CVE-2017-11396
Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the console to implement remote code injections.
Trendmicro Interscan Web Security Virtual Appliance 6.5
9
CVSSv2
CVE-2017-6398
An issue exists in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user can execute a terminal command in the context of the web server user (which is root). Besides, the default installation of IMSVA comes with default administrator creden...
Trendmicro Interscan Messaging Security Virtual Appliance 9.1-1600
9
CVSSv2
CVE-2016-9269
Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and previous versions allows authenticated, remote users with least privileges to run arbitrary commands on the sy...
Trendmicro Interscan Web Security Virtual Appliance
1 EDB exploit
7.5
CVSSv2
CVE-2020-8466
A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could allow an unauthenticated malicious user to execute certain commands by providing a manipulated password.
Trendmicro Interscan Web Security Virtual Appliance 6.5
7.5
CVSSv2
CVE-2020-28578
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote malicious user to send a specially crafted HTTP message and achieve remote code execution with elevated privileges.
Trendmicro Interscan Web Security Virtual Appliance 6.5
7.5
CVSSv2
CVE-2020-8606
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote malicious users to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance.
Trendmicro Interscan Web Security Virtual Appliance 6.5
6.8
CVSSv2
CVE-2020-8461
A CSRF protection bypass vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to get a victim's browser to send a specifically encoded request without requiring a valid CSRF token.
Trendmicro Interscan Web Security Virtual Appliance 6.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »