Lucene search
K0rpr1t_z0mb1eZDI-16-373HistoryJun 22, 2016 - 12:00 a.m.
Trend Micro Deep Discovery hotfix_upload.cgi filename Remote Code Execution Vulnerability
2016-06-2200:00:00
k0rpr1t_z0mb1e
www.zerodayinitiative.com
12
0.028 Low
EPSS
Percentile
90.7%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery. Authentication is required to exploit this vulnerability. The specific flaw exists within hotfix_upload.cgi. The vulnerability is caused by the lack of input validation before passing a remotely supplied string to a system call. By sending a crafted request to a vulnerable system, a remote attacker can exploit this vulnerability to execute arbitrary code in the context of root.
Related
zdt
zdt
openvas
openvas
Trend Micro Deep Discovery Inspector RCE Vulnerability
2016-07-15 00:00:00
cve
cve
CVE-2016-5840
2016-06-30 16:59:11
cvelist
cvelist
CVE-2016-5840
2016-06-30 16:00:00
jvn
jvn
JVN#55428526: Deep Discovery Inspector vulnerable to remote code execution
2016-06-16 00:00:00
nvd
nvd
CVE-2016-5840
2016-06-30 16:59:11
prion
prion
Design/Logic Flaw
2016-06-30 16:59:00