Trend Micro Threat Discovery Appliance 2.6.1062r1 dlp_policy_upload.cgi Remote Code Execution

!/usr/local/bin/python """ Trend Micro Threat Discovery Appliance /opt/TrendMicro/MinorityReport/bin/ Then, all we do is create /engptnstores/prod/sensorSDK/data/si/dlpkill.sh with malicious code and get it executed... Notes: ====== - For this particular PoC, all I did was exec a bind shell using...