Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.3
CVSSv3

CVE-2016-8587

Published: 28/04/2017 Updated: 25/05/2017
CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8
CVSS v3 Base Score: 7.3 | Impact Score: 5.9 | Exploitability Score: 1.3
VMScore: 535
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Subscribe to Threat Discovery Appliance

Vulnerability Summary

dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and previous versions allows remote authenticated users to execute arbitrary code via an archive file containing a symlink to /eng_ptn_stores/prod/sensorSDK/data/ or /eng_ptn_stores/prod/sensorSDK/backup_pol/.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

trendmicro threat discovery appliance

References

CWE-284http://packetstormsecurity.com/files/142221/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-dlp_policy_upload.cgi-Remote-Code-Execution.htmlhttp://www.securityfocus.com/bid/98508https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook