CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 2CVE-2018-6230 – Trend Micro Encryption for Email Gateway emailSearch SearchString SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-6230
A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 search configuration script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system. Una vulnerabilidad de inyección SQL en un script de búsqueda de configuraciones de Trend Micro Email Encryption Gateway 5.5 podría permitir que un atacante ejecute comandos SQL para subir y ejecutar código arbitrario que pudiera comprometer el sistema objetivo. This vulnerability allows remote attackers to execute arbitrary SQL statements on vulnerable installations of Trend Micro Encryption for Email Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the wsEmailSearch class. When parsing the SearchString parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. • https://www.exploit-db.com/exploits/44166 https://success.trendmicro.com/solution/1119349 https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.1EPSS: 2%CPEs: 2EXPL: 1CVE-2018-3609
https://notcve.org/view.php?id=CVE-2018-3609
A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication on vulnerable installations. Una vulnerabilidad en el portal de gestión de Trend Micro InterScan Messaging Security Virtual Appliance 9.0 y 9.1 podría permitir que un usuario no autenticado acceda a información sensible en un archivo de registro en particular que podría emplearse para omitir la autenticación en instalaciones vulnerables. • http://www.securityfocus.com/bid/103097 https://korelogic.com/Resources/Advisories/KL-001-2018-006.txt https://success.trendmicro.com/jp/solution/1119290 https://success.trendmicro.com/solution/1119277 • CWE-522: Insufficiently Protected Credentials CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2018-6218
https://notcve.org/view.php?id=CVE-2018-6218
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system. Una vulnerabilidad de secuestro de DLL en Trend Micro's User-Mode Hooking Module (UMH) podría permitir que un atacante ejecute código arbitrario en un sistema vulnerable. • http://www.securityfocus.com/bid/103096 https://jvn.jp/jp/JVN28865183 https://success.trendmicro.com/jp/solution/1119348 https://success.trendmicro.com/solution/1119326 • CWE-426: Untrusted Search Path •
CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 0CVE-2018-3606 – Trend Micro Control Manager ThreatDistributedTrail SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-3606
XXXStatusXXX, XXXSummary, TemplateXXX and XXXCompliance method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. Una vulnerabilidad de ejecución remota de código (RCE) por inyección SQL en los métodos XXXStatusXXX, XXXSummary, TemplateXXX y XXXCompliance en Trend Micro Control Manager 6.0 podría permitir que un atacante remoto ejecute código arbitrario en instalaciones vulnerables. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ThreatDistributedTrail method, which is called by the reporting servlet. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. • https://success.trendmicro.com/solution/1119158 https://www.zerodayinitiative.com/advisories/ZDI-18-083 https://www.zerodayinitiative.com/advisories/ZDI-18-085 https://www.zerodayinitiative.com/advisories/ZDI-18-086 https://www.zerodayinitiative.com/advisories/ZDI-18-089 https://www.zerodayinitiative.com/advisories/ZDI-18-091 https://www.zerodayinitiative.com/advisories/ZDI-18-092 https://www.zerodayinitiative.com/advisories/ZDI-18-093 https://www.zerodayinitiative.com/advisories/ZDI-18-099 https:/ • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 0CVE-2018-3607 – Trend Micro Control Manager ClearSelectedTreeNode SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-3607
XXXTreeNode method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. Una vulnerabilidad de ejecución remota de código (RCE) por inyección SQL en el método XXXTreeNode en Trend Micro Control Manager 6.0 podría permitir que un atacante remoto ejecute código arbitrario en instalaciones vulnerables. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ClearSelectedTreeNode method, which is called by the reporting servlet. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. • https://success.trendmicro.com/solution/1119158 https://www.zerodayinitiative.com/advisories/ZDI-18-090 https://www.zerodayinitiative.com/advisories/ZDI-18-094 https://www.zerodayinitiative.com/advisories/ZDI-18-109 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •