Show filters
12 Total Results
Displaying 1-10 of 12
Sort by:
Attacker Value
Unknown

CVE-2016-8585

Disclosure Date: April 28, 2017 (last updated November 26, 2024)
admin_sys_time.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the timezone parameter.
0
0
Attacker Value
Unknown

CVE-2016-8588

Disclosure Date: April 28, 2017 (last updated November 26, 2024)
The hotfix_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the file name of an uploaded file.
0
0
Attacker Value
Unknown

CVE-2016-8584

Disclosure Date: April 28, 2017 (last updated November 26, 2024)
Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessing the value.
0
0
Attacker Value
Unknown

CVE-2016-8592

Disclosure Date: April 28, 2017 (last updated November 26, 2024)
log_query_system.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.
0
0
Attacker Value
Unknown

CVE-2016-8586

Disclosure Date: April 28, 2017 (last updated November 26, 2024)
detected_potential_files.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.
0
0
Attacker Value
Unknown

CVE-2016-8591

Disclosure Date: April 28, 2017 (last updated November 26, 2024)
log_query.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.
0
0
Attacker Value
Unknown

CVE-2016-8590

Disclosure Date: April 28, 2017 (last updated November 26, 2024)
log_query_dlp.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.
0
0
Attacker Value
Unknown

CVE-2016-8587

Disclosure Date: April 28, 2017 (last updated November 26, 2024)
dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via an archive file containing a symlink to /eng_ptn_stores/prod/sensorSDK/data/ or /eng_ptn_stores/prod/sensorSDK/backup_pol/.
0
0
Attacker Value
Unknown

CVE-2016-8593

Disclosure Date: April 28, 2017 (last updated November 26, 2024)
Directory traversal vulnerability in upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via a .. (dot dot) in the dID parameter.
0
0
Attacker Value
Unknown

CVE-2016-8589

Disclosure Date: April 28, 2017 (last updated November 26, 2024)
log_query_dae.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.
0
0
View More Topics  Next >