Threat Discovery Appliance@* Security Vulnerabilities and Issues — Threat Discovery Appliance@* CVE List

Lucene search

TrendmicroThreat Discovery Appliance*

10 matches found

CVE•added 2017/04/28 7:59 p.m.•45 views

CVE-2016-8593

Directory traversal vulnerability in upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via a .. (dot dot) in the dID parameter.

8.8CVSS8.5AI score0.04887EPSS

CVE•added 2017/04/28 7:59 p.m.•40 views

CVE-2016-8585

admin_sys_time.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the timezone parameter.

9CVSS8.7AI score0.09536EPSS

CVE•added 2017/04/28 7:59 p.m.•39 views

CVE-2016-8591

log_query.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.

9CVSS8.7AI score0.03537EPSS

CVE•added 2017/04/28 7:59 p.m.•37 views

CVE-2016-8584

Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessing the value.

9.8CVSS9.5AI score0.04082EPSS

CVE•added 2017/04/28 7:59 p.m.•36 views

CVE-2016-8590

log_query_dlp.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.

9CVSS8.7AI score0.03537EPSS

CVE•added 2017/04/28 7:59 p.m.•32 views

CVE-2016-8589

log_query_dae.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.

9CVSS8.7AI score0.03537EPSS

CVE•added 2017/04/28 7:59 p.m.•30 views

CVE-2016-8586

detected_potential_files.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.

9CVSS8.7AI score0.03537EPSS

CVE•added 2017/04/28 7:59 p.m.•30 views

CVE-2016-8588

The hotfix_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the file name of an uploaded file.

7.3CVSS7.3AI score0.00563EPSS

CVE•added 2017/04/28 7:59 p.m.•29 views

CVE-2016-8592

log_query_system.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter.

9CVSS8.7AI score0.03537EPSS

CVE•added 2017/04/28 7:59 p.m.•28 views

CVE-2016-8587

dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via an archive file containing a symlink to /eng_ptn_stores/prod/sensorSDK/data/ or /eng_ptn_stores/prod/sensorSDK/backup_pol/.

7.3CVSS7.3AI score0.00563EPSS