11 matches found
EUVD-2016-10126
Malware in sbrugna...
EUVD-2014-8347
Malware in sbrugna...
Trend Micro InterScan Web Security Virtual Appliance Information Disclosure Vulnerability (CNVD-2020-31245)
Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A security vulnerability exists in Trend Micro IWSVA version 6.5. A remote attacker could...
CVE-2017-6339
Trend Micro InterScan Web Security Virtual Appliance IWSVA 6.5 before CP 1746 mismanages certain key and certificate data. Per IWSVA documentation, by default, IWSVA acts as a private Certificate Authority CA and dynamically generates digital certificates that are sent to client browsers to...
Privilege escalation
Privilege Escalation Vulnerability in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance IWSVA version 6.5-SP2BuildLinux1707 and earlier allows authenticated, remote users with least privileges to change Master Admin's password and/or ad...
CVE-2016-9269
Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance IWSVA version 6.5-SP2BuildLinux1707 and earlier allows authenticated, remote users with least privileges to run arbitrary commands on the system as root via Patch Update...
CVE-2016-9269
Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance IWSVA version 6.5-SP2BuildLinux1707 and earlier allows authenticated, remote users with least privileges to run arbitrary commands on the system as root via Patch Update...
CVE-2016-9314
Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan Web Security Virtual Appliance IWSVA version 6.5-SP2BuildLinux1707 and earlier allows authenticated, remote users with least privileges to backup the system configuration and download it onto thei...
CVE-2016-9316
Multiple stored Cross-Site-Scripting XSS vulnerabilities in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance IWSVA version 6.5-SP2BuildLinux1707 and earlier allow authenticated, remote users with least privileges to inject arbitrary...
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 - Multiple Vulnerabilities
Exploit for hardware platform in category web applications Exploit Title: Trend Micro Interscan Web Security Virtual Appliance IWSVA 6.5.x Multiple Vulnerabilities Date: 28/11/2016 Exploit Author: SlidingWindow , Twitter: @KapilKhot Vendor Homepage:...
Design/Logic Flaw
The AdminUI in Trend Micro InterScan Web Security Virtual Appliance IWSVA before 6.0 HF build 1244 allows remote authenticated users to read arbitrary files via vectors related to configuration input when saving filters...