Trend Micro Control Manager GetProductCategory SQL Injection (CVE-2018-3602)

An SQL injection vulnerability exists in the Trend Micro Control Manager. The vulnerability is due to improper validation of user-supplied input HTTP parameter...

Trend Micro Control Manager sCloudService GetPassword SQL Injection (CVE-2018-3604)

An SQL injection vulnerability exists in the Trend Micro Control Manager. The vulnerability is due to improper validation of user-supplied input on SOAP sCloudService requests invoking the GetPassword method. Successful exploitation of the vulnerability could allow the attacker to execute arbitra...

Trend Micro Control Manager Denial of Service Vulnerability

Trend Micro Control Manager TMCM is an integrated threat detection and data protection management center software from Trend Micro. A denial of service vulnerability exists in Trend Micro Control Manager versions 6.0 and 7.0. An attacker can exploit this vulnerability to cause a denial of service...

Trend Micro Control Manager Path Traversal Vulnerability

Trend Micro Control Manager TMCM is an integrated threat detection and data protection management center software from Trend Micro. A directory traversal vulnerability exists in Trend Micro TMCM versions 6.0 and 7.0. A remote attacker could exploit the vulnerability to execute arbitrary code...

Trend Micro Control Manager Server-Side Request Forgery Vulnerability

Trend Micro Control Manager enables centralized, user-centric management for threat detection and data protection. A server-side request forgery vulnerability exists in Trend Micro Control Manager 6.0 and 7.0, which can be exploited by attackers to conduct server-side request forgery SSRF attacks...

CVE-2018-10510

A Directory Traversal Remote Code Execution vulnerability in Trend Micro Control Manager versions 6.0 and 7.0 could allow an attacker to execute arbitrary code on vulnerable installations...

CVE-2018-10512

A vulnerability in Trend Micro Control Manager versions 6.0 and 7.0 could allow an attacker to manipulate a reverse proxy .dll on vulnerable installations, which may lead to a denial of server DoS...

CVE-2018-10511

A vulnerability in Trend Micro Control Manager versions 6.0 and 7.0 could allow an attacker to conduct a server-side request forgery SSRF attack on vulnerable installations...

Remote code execution

A Directory Traversal Remote Code Execution vulnerability in Trend Micro Control Manager versions 6.0 and 7.0 could allow an attacker to execute arbitrary code on vulnerable installations...

Server side request forgery (ssrf)

A vulnerability in Trend Micro Control Manager versions 6.0 and 7.0 could allow an attacker to conduct a server-side request forgery SSRF attack on vulnerable installations...

CVE-2018-10511

A vulnerability in Trend Micro Control Manager versions 6.0 and 7.0 could allow an attacker to conduct a server-side request forgery SSRF attack on vulnerable installations...

CVE-2018-10512

A vulnerability in Trend Micro Control Manager versions 6.0 and 7.0 could allow an attacker to manipulate a reverse proxy .dll on vulnerable installations, which may lead to a denial of server DoS...

Design/Logic Flaw

A vulnerability in Trend Micro Control Manager versions 6.0 and 7.0 could allow an attacker to manipulate a reverse proxy .dll on vulnerable installations, which may lead to a denial of server DoS...

CVE-2018-10510

A Directory Traversal Remote Code Execution vulnerability in Trend Micro Control Manager versions 6.0 and 7.0 could allow an attacker to execute arbitrary code on vulnerable installations...

CVE-2018-10512

CVE-2018-10512 involves Trend Micro Control Manager (versions 6.0 and 7.0). A vulnerability could allow an attacker to manipulate the reverse proxy DLL on vulnerable installations, potentially leading to a denial of service. The connected sources corroborate a DoS impact from DLL manipulation; no...

CVE-2018-10512

A vulnerability in Trend Micro Control Manager versions 6.0 and 7.0 could allow an attacker to manipulate a reverse proxy .dll on vulnerable installations, which may lead to a denial of server DoS...

CVE-2018-10511

A vulnerability in Trend Micro Control Manager versions 6.0 and 7.0 could allow an attacker to conduct a server-side request forgery SSRF attack on vulnerable installations...

CVE-2018-10511

CVE-2018-10511 affects Trend Micro Control Manager versions 6.0 and 7.0, with a server-side request forgery (SSRF) vulnerability. The connected documents describe an SSRF condition that could be exploited to induce the management console to issue requests to internal or external targets. The sour...

CVE-2018-10510

A directory traversal vulnerability exists in Trend Micro Control Manager (TMCM) versions 6.0 and 7.0 that could allow a remote attacker to execute arbitrary code on vulnerable installations (remote code execution). The CNVD record confirms the affected product and impact; no remediation details ...

Trend Micro Control Manager GetPassword() SQLi

The Trend Micro Control Manager running on the remote host is affected by an SQLi vulnerability when processing an HTTP request due to the lack of proper validation of a user-supplied string before using it to construct SQL queries. An unauthenticated, remote attacker can exploit this issue, via ...