3 matches found
Trend Micro InterScan Web Security Virtual Appliance Command Injection (CVE-2020-28580; CVE-2020-28581)
A command injection vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2020-28581
A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges...
CVE-2020-28581
CVE-2020-28581: A command injection in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 allows an authenticated, remote attacker to send crafted HTTP messages and execute arbitrary OS commands with elevated privileges. Multiple sources (NVD entry and Red Hat advisory...