Lucene search

K
cvelistTrendmicroCVELIST:CVE-2020-28581
HistoryNov 18, 2020 - 6:45 p.m.

CVE-2020-28581

2020-11-1818:45:41
trendmicro
www.cve.org
3
command injection
modifyvlanitem
trend micro interscan
remote attacker
http messages
arbitrary os commands
elevated privileges

AI Score

7.5

Confidence

High

EPSS

0.033

Percentile

91.6%

A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.

CNA Affected

[
  {
    "product": "Trend Micro InterScan Web Security Virtual Appliance",
    "vendor": "Trend Micro",
    "versions": [
      {
        "status": "affected",
        "version": "6.5 SP2"
      }
    ]
  }
]

AI Score

7.5

Confidence

High

EPSS

0.033

Percentile

91.6%

Related for CVELIST:CVE-2020-28581