The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to (1) api/openUrlInDefaultBrowser or (2) api/showSB.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTrendmicro Password Manager
APPTrendmicrowszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje
Powiązane podatności
CVE-2025-52837HIGH7.8ten sam produkt
Trend Micro Password Manager (Consumer) version 5.8.0.1327 and below is vulnerable to a Link Following Privile...
CVE-2022-28394HIGH7.8ten sam produkt
EOL Product CVE - Installer of Trend Micro Password Manager (Consumer) versions 3.7.0.1223 and below provided ...
CVE-2022-30523HIGH7.8ten sam produkt
Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Privile...
CVE-2022-26337HIGH7.8ten sam produkt
Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to an Uncontrolle...
CVE-2021-32461HIGH7.8ten sam produkt
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer Truncation Pr...