CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2016-8589 – Trend Micro Threat Discovery Appliance 2.6.1062r1 log_query_dae.cgi Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8589
log_query_dae.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter. En log_query_dae.cgi en Trend Micro Threat Discovery Appliance 2.6.1062r1 y anteriores se permite a los usuarios autenticados remotos ejecutar código arbitrario como usuario root a través de los metacaracteres de shell en el parámetro cache_id. Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a log_query_dae.cgi remote code execution vulnerability. • http://packetstormsecurity.com/files/142219/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-log_query_dae.cgi-Remote-Code-Execution.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2016-8590 – Trend Micro Threat Discovery Appliance 2.6.1062r1 log_query_dlp.cgi Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8590
log_query_dlp.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter. El componente log_query_dlp.cgi de Threat Discovery Appliance 2.6.1062r1 de Trend Micro y versiones anteriores permite a usuarios autenticados remotos ejecutar código arbitrario como usuario root a través de metacaracteres de shell en el parámetro cache_id. Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a log_query_dlp.cgi remote code execution vulnerability. • http://packetstormsecurity.com/files/142218/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-log_query_dlp.cgi-Remote-Code-Execution.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2016-8591 – Trend Micro Threat Discovery Appliance 2.6.1062r1 log_query.cgi Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8591
log_query.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter. El componente log_query.cgi de Threat Discovery Appliance 2.6.1062r1 de Trend Micro y versiones anteriores permite a usuarios autenticados remotos ejecutar código arbitrario como usuario root a través de metacaracteres de shell en el parámetro cache_id Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a log_query.cgi remote code execution vulnerability. • http://packetstormsecurity.com/files/142217/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-log_query.cgi-Remote-Code-Execution.html http://www.securityfocus.com/bid/98343 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2016-8592 – Trend Micro Threat Discovery Appliance 2.6.1062r1 log_query_system.cgi Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8592
log_query_system.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id parameter. El componente log_query_system.cgi de Threat Discovery Appliance 2.6.1062r1 de Trend Micro y versiones anteriores permite a usuarios autenticados remotos ejecutar código arbitrario como usuario root a través de metacaracteres de shell en el parámetro cache_id. Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a log_query_system.cgi remote code execution vulnerability. • http://packetstormsecurity.com/files/142216/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-log_query_system.cgi-Remote-Code-Execution.html http://www.securityfocus.com/bid/98345 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2016-8593 – Trend Micro Threat Discovery Appliance 2.6.1062r1 upload.cgi Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8593
Directory traversal vulnerability in upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via a .. (dot dot) in the dID parameter. Vulnerabilidad de desplazamiento de directorios en el componente upload.cgi de Threat Discovery Appliance 2.6.1062r1 de Trend Micro y versiones anteriores permite a los usuarios autenticados remotos ejecutar código arbitrario a través de .. (punto punto) en el parámetro dID. Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from an upload.cgi remote code execution vulnerability. • http://packetstormsecurity.com/files/142215/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-upload.cgi-Remote-Code-Execution.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •