CVE-2016-5840
Trend Micro Deep Discovery hotfix_upload.cgi filename Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename parameter of the Content-Disposition header.
hotfix_upload.cgi en Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81) y 3.8 SP2 (3.82) permite a administradores remotos ejecutar código arbitrario a través de metacaracteres de shell en el parámetro filename de la cabecera Content-Disposition.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery. Authentication is required to exploit this vulnerability.
The specific flaw exists within hotfix_upload.cgi. The vulnerability is caused by the lack of input validation before passing a remotely supplied string to a system call. By sending a crafted request to a vulnerable system, a remote attacker can exploit this vulnerability to execute arbitrary code in the context of root.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-06-22 CVE Published
- 2016-06-23 CVE Reserved
- 2024-07-30 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
http://jvn.jp/en/jp/JVN55428526/index.html | Third Party Advisory | |
http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000103.html | Third Party Advisory | |
http://www.zerodayinitiative.com/advisories/ZDI-16-373 | X_refsource_misc |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/40180 | 2024-08-06 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://esupport.trendmicro.com/solution/en-US/1114281.aspx | 2016-11-28 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Trend Micro Search vendor "Trend Micro" | Deep Discovery Inspector Search vendor "Trend Micro" for product "Deep Discovery Inspector" | 3.7 Search vendor "Trend Micro" for product "Deep Discovery Inspector" and version "3.7" | - |
Affected
| ||||||
Trend Micro Search vendor "Trend Micro" | Deep Discovery Inspector Search vendor "Trend Micro" for product "Deep Discovery Inspector" | 3.81 Search vendor "Trend Micro" for product "Deep Discovery Inspector" and version "3.81" | - |
Affected
| ||||||
Trend Micro Search vendor "Trend Micro" | Deep Discovery Inspector Search vendor "Trend Micro" for product "Deep Discovery Inspector" | 3.82 Search vendor "Trend Micro" for product "Deep Discovery Inspector" and version "3.82" | - |
Affected
|