CVE-2016-5840
Trend Micro Deep Discovery Inspector (DDI) is affected by a hotfix_upload.cgi vulnerability that lets remote attackers execute arbitrary code via crafted shell metacharacters in the Content-Disposition filename parameter. Affected products/versions include DDI 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3....