7.3 High
AI Score
Confidence
High
0.028 Low
EPSS
Percentile
90.7%
hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename parameter of the Content-Disposition header.
esupport.trendmicro.com/solution/en-US/1114281.aspx
jvn.jp/en/jp/JVN55428526/index.html
jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000103.html
www.zerodayinitiative.com/advisories/ZDI-16-373
www.exploit-db.com/exploits/40180/