Описание
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations.
Please note: an attacker must first obtain the ability to logon to the product’s management console in order to exploit this vulnerability.
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations.
Please note: an attacker must first obtain the ability to logon to the product’s management console in order to exploit this vulnerability.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-36741
- https://success.trendmicro.com/jp/solution/000287796
- https://success.trendmicro.com/jp/solution/000287815
- https://success.trendmicro.com/solution/000287819
- https://success.trendmicro.com/solution/000287820
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-36741
Связанные уязвимости
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the product�s management console in order to exploit this vulnerability.
Уязвимость антивирусных программных средств Trend Micro Worry-Free Business Security и Apex One, связанная с отсутствием ограничений на загрузку файлов, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации