Search Results | AttackerKB

Show filters

Topics 144 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

144 Total Results

Displaying 91-100 of 144

Attacker Value

Unknown

CVE-2017-11379

Disclosure Date: August 01, 2017 (last updated November 26, 2024)

Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1.

0

Attacker Value

Unknown

CVE-2017-11380

Disclosure Date: August 01, 2017 (last updated November 26, 2024)

Backup archives were found to be encrypted with a static password across different installations, which suggest the same password may be used in all virtual appliance instances of Trend Micro Deep Discovery Director 1.1.

0

Attacker Value

Unknown

CVE-2016-8585

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

admin_sys_time.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the timezone parameter.

0

Attacker Value

Unknown

CVE-2016-8588

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

The hotfix_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the file name of an uploaded file.

0

Attacker Value

Unknown

CVE-2016-8584

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessing the value.

0

Attacker Value

Unknown

CVE-2016-8592

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

log_query_system.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.

0

Attacker Value

Unknown

CVE-2016-8586

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

detected_potential_files.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.

0

Attacker Value

Unknown

CVE-2016-8591

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

log_query.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.

0

Attacker Value

Unknown

CVE-2016-8590

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

log_query_dlp.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.

0

Attacker Value

Unknown

CVE-2016-8587

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via an archive file containing a symlink to /eng_ptn_stores/prod/sensorSDK/data/ or /eng_ptn_stores/prod/sensorSDK/backup_pol/.

0