Trend Micro Apex Central modTMMS SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of deletecertvec requests to the modTMMS endpoint. When parsing the ...

PT-2022-6617

Name of the Vulnerable Software and Affected Versions Trend Micro Apex Central versions 2019 through Build 6016 Description The issue is related to incorrect handling of the dbCert parameter in the set certificates config request to the modTMMS endpoint. This can allow a remote attacker to execut...