HIGHπŸ‡΅πŸ‡± Wersja polska

CVE-2016-8585

CVSS 8.8v3.0pub. 2017-04-28upd. 2026-05-13

admin_sys_time.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the timezone parameter.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Trendmicro Threat Discovery Appliance

    APP
    Trendmicro
    ≀ 2.6.1062
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2016-8584CRITICAL9.8ten sam produkt

Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows re...

CVE-2016-7547CRITICAL9.8ten sam produkt

A command execution flaw on the Trend Micro Threat Discovery Appliance 2.6.1062r1 exists with the timezone par...

CVE-2016-7552CRITICAL9.8ten sam produkt

On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id coo...

CVE-2016-8587HIGH7.3ten sam produkt

dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authentic...

CVE-2016-8586HIGH8.8ten sam produkt

detected_potential_files.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote au...

CVE-2016-8585 β€” Trendmicro β€” Threat Discovery Appliance β€” HIGH β€” CVSS 8.8 | CVEbaza.pl