CVE-2016-5840

2016-06-30T16:59:00
ID CVE-2016-5840
Type cve
Reporter cve@mitre.org
Modified 2016-11-28T20:29:00

Description

hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename parameter of the Content-Disposition header.