Trend Micro Threat Discovery Appliance CVE-2016-7552 Directory Traversal Vulnerability



Trend Micro Threat Discovery Appliance is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.

An attacker can exploit this issue using directory-traversal characters ('../') to access files outside of the restricted directory and perform other attacks.

Trend Micro Threat Discovery Appliance 2.6.1062r1 is vulnerable; other versions may also be affected.

Information

Bugtraq ID: 97599
Class: Input Validation Error
CVE: CVE-2016-7552

Remote: Yes
Local: No
Published: Apr 10 2017 12:00AM
Updated: Apr 10 2017 12:00AM
Credit: Steventhomasseeley and Roberto Suggi Liverani
Vulnerable: Trend Micro Threat Discovery Appliance 2.6.1062r1


Not Vulnerable:

Exploit


An attacker can use readily available commands and tools to exploit this issue.


Related Posts