CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 2CVE-2017-14095 – Trend Micro Smart Protection Server - Session Hijacking / Log File Disclosure / Remote Command Execution / Cron Job Injection / Local File Inclusion / Stored Cross-Site Scripting / Improper Access Control
https://notcve.org/view.php?id=CVE-2017-14095
A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a local file inclusion on a vulnerable system. Una vulnerabilidad en Trend Micro Smart Protection Server (Standalone), en versiones 3.2 y anteriores, podría permitir que un atacante realice la ejecución remota de comandos mediante una inclusión de archivos locales en un sistema vulnerable. Trend Micro Smart Protection Server version 3.2 suffers from access control bypass, cross site scripting, information disclosure, and various other vulnerabilities. • https://www.exploit-db.com/exploits/43388 http://www.securityfocus.com/bid/102275 https://success.trendmicro.com/solution/1118992 https://www.coresecurity.com/advisories/trend-micro-smart-protection-server-multiple-vulnerabilities • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2016-6268
https://notcve.org/view.php?id=CVE-2016-6268
Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webserv users to execute arbitrary code with root privileges via a Trojan horse .war file in the Solr webapps directory. Trend Micro Smart Protection Server 2.5 en versiones anteriores a build 2200, 2,6 en versiones anteriores a build 2106 y 3,0 en versiones anteriores a build 1330 permite a los usuarios locales de webserv ejecutar código arbitrario con privilegios de root a través de un archivo troyano .war en el directorio Solr webapps. • https://qkaiser.github.io/pentesting/trendmicro/2016/08/08/trendmicro-sps https://success.trendmicro.com/solution/1114913 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 90%CPEs: 3EXPL: 1CVE-2016-6267
https://notcve.org/view.php?id=CVE-2016-6267
SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) spare_Community, (2) spare_AllowGroupIP, or (3) spare_AllowGroupNetmask parameter to admin_notification.php. SnmpUtils en Trend Micro Smart Protection Server 2.5 en versiones anteriores a build 2200, 2,6 en versiones anteriores a build 2106 y 3,0 en versiones anteriores a build 1330 permite a usuarios remotos autenticados ejecutar comandos arbitrarios a través de metacaracteres de shell en (1) spare_Community, (2) spare_AllowGroupIP o (3) parámetro spare_AllowGroupNetmask para admin_notification.php. • https://qkaiser.github.io/pentesting/trendmicro/2016/08/08/trendmicro-sps https://success.trendmicro.com/solution/1114913 - • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 1CVE-2016-6269
https://notcve.org/view.php?id=CVE-2016-6269
Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allow remote attackers to read and delete arbitrary files via the tmpfname parameter to (1) log_mgt_adhocquery_ajaxhandler.php, (2) log_mgt_ajaxhandler.php, (3) log_mgt_ajaxhandler.php or (4) tf parameter to wcs_bwlists_handler.php. Varias vulnerabilidades de salto de directorio en Trend Micro Smart Protection Server 2.5 en versiones anteriores a build 2200, 2.6 en versiones anteriores a build 2106 y 3.0 en versiones anteriores a build 1330 permiten a atacantes remotos leer y borrar archivos arbitrarios a través del parámetro tmpfname para (1) log_mgt_adhocquery_ajaxhandler.php, (2) log_mgt_ajaxhandler .php, (3) log_mgt_ajaxhandler.php o (4) del parámetro tf para wcs_bwlists_handler.php. • https://qkaiser.github.io/pentesting/trendmicro/2016/08/08/trendmicro-sps https://success.trendmicro.com/solution/1114913 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 3%CPEs: 3EXPL: 1CVE-2016-6266
https://notcve.org/view.php?id=CVE-2016-6266
ccca_ajaxhandler.php in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) host or (2) apikey parameter in a register action, (3) enable parameter in a save_stting action, or (4) host or (5) apikey parameter in a test_connection action. Ccca_ajaxhandler.php en Trend Micro Smart Protection Server 2.5 en versiones anteriores a build 2200, 2,6 en versiones anteriores a build 2106 y 3,0 en versiones anteriores a build 1330 permite a usuarios remotos autenticados ejecutar comandos arbitrarios a través de metacaracteres shell en (1) el host o (2) el parámetro apikey en una acción de registro, (3) al habilitar un parámetro en una acción save_stting, o (4) el host o (5) parámetro apikey en una acción test_connection. • https://qkaiser.github.io/pentesting/trendmicro/2016/08/08/trendmicro-sps https://success.trendmicro.com/solution/1114913 • CWE-20: Improper Input Validation •