CRITICALπŸ‡΅πŸ‡± Wersja polska

CVE-2016-3987

CVSS 9.8v3.1pub. 2016-04-12upd. 2026-05-06

The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to (1) api/openUrlInDefaultBrowser or (2) api/showSB.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Trendmicro Password Manager

    APP
    Trendmicro
    wszystkie wersje
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-52837HIGH7.8ten sam produkt

Trend Micro Password Manager (Consumer) version 5.8.0.1327 and below is vulnerable to a Link Following Privile...

CVE-2022-28394HIGH7.8ten sam produkt

EOL Product CVE - Installer of Trend Micro Password Manager (Consumer) versions 3.7.0.1223 and below provided ...

CVE-2022-30523HIGH7.8ten sam produkt

Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Privile...

CVE-2022-26337HIGH7.8ten sam produkt

Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to an Uncontrolle...

CVE-2021-32461HIGH7.8ten sam produkt

Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer Truncation Pr...

CVE-2016-3987 β€” Trendmicro β€” Password Manager β€” CRITICAL β€” CVSS 9.8 | CVEbaza.pl