Описание
A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could allow an unauthenticated attacker to execute certain commands by providing a manipulated password.
Ссылки
- ExploitThird Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:trendmicro:interscan_web_security_virtual_appliance:6.5:sp2:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.27274
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could allow an unauthenticated attacker to execute certain commands by providing a manipulated password.
EPSS
Процентиль: 96%
0.27274
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-78