CVE-2016-8588

The hotfixupload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the file name of an uploaded file...

CVE-2016-8588

The CVE-2016-8588 issue affects Trend Micro Threat Discovery Appliance (TDA) version 2.6.1062r1 and earlier. The hotfix_upload.cgi CGI allows a remote authenticated user to execute arbitrary code by supplying shell metacharacters in the filename of an uploaded file, enabling remote code execution...

Trend Micro Deep Discovery 3.73.8 SP1 (3.81)3.8 SP2 (3.82) - hotfix_upload.cgi Filename Remote Code Execution

Trend Micro Deep Discovery 3.73.8 SP1 3.813.8 SP2 3.82 - hotfixupload.cgi Filename Remote Code Execution Version: TDA 2.6.1062r1 Summary: The hotfixupload.cgi file contains a flaw allowing a user to execute commands under the context of the root user. Details: The hotfixupload.cgi file is used to...

Design/Logic Flaw

hotfixupload.cgi in Trend Micro Deep Discovery Inspector DDI 3.7, 3.8 SP1 3.81, and 3.8 SP2 3.82 allows remote administrators to execute arbitrary code via shell metacharacters in the filename parameter of the Content-Disposition header...