CVE-2016-8586

2017-04-2819:00:00

mitre

www.cve.org

AI Score

8.8

Confidence

High

EPSS

0.004

Percentile

74.1%

JSON

detected_potential_files.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.

References

packetstormsecurity.com/files/142222/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-detected_potential_files.cgi-Remote-Code-Execution.html

www.securityfocus.com/bid/98376