The remote version of Trend Micro ServerProtect exposes multiple insecure methods through its RPC interface that let an unauthenticated remote attacker list, read and write to arbitrary files on the affected host.
By sending legitimate requests to the remote service, an attacker may be able to exploit those functions to execute code with SYSTEM privileges.
Binary data trendmicro_serverprotect_file.nbin