CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32529 – Trend Micro Apex Central modTMMS SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-32529
Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution. Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32530. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of delete_cert_vec requests to the modTMMS endpoint. When parsing the id parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the IUSR user. • https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-23-652 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32530 – Trend Micro Apex Central modTMMS SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-32530
Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution. Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32529. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of set_certificates_config requests to the modTMMS endpoint. When parsing the dbCert parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the IUSR user. • https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US https://www.zerodayinitiative.com/advisories/ZDI-23-654 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 15%CPEs: 2EXPL: 0CVE-2022-26871 – Trend Micro Apex Central Arbitrary File Upload Vulnerability
https://notcve.org/view.php?id=CVE-2022-26871
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution. Una vulnerabilidad de carga de archivos arbitrarios en Trend Micro Apex Central podría permitir a un atacante remoto no autenticado cargar un archivo arbitrario que podría conllevar a una ejecución de código remota An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution. • https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435 https://jvn.jp/vu/JVNVU99107357 https://success.trendmicro.com/jp/solution/000290660 https://success.trendmicro.com/solution/000290678 https://www.jpcert.or.jp/english/at/2022/at220008.html • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 5.5EPSS: 0%CPEs: 39EXPL: 0CVE-2021-25252
https://notcve.org/view.php?id=CVE-2021-25252
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file. La API Virus Scan (VSAPI) y el Advanced Threat Scan Engine (ATSE) de Trend Micro, son susceptibles a una vulnerabilidad de agotamiento de la memoria que puede conllevar a una denegación de servicio o a un congelamiento del sistema si es explotada por un atacante usando un archivo especialmente diseñado • https://success.trendmicro.com/solution/000285675 • CWE-400: Uncontrolled Resource Consumption •