CVE Vulnerability
CVE-2018-3604
GetXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
References
| Link | Resource |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-18-102/ | Third Party Advisory VDB Entry |
| https://www.zerodayinitiative.com/advisories/ZDI-18-097/ | Third Party Advisory VDB Entry |
| https://www.zerodayinitiative.com/advisories/ZDI-18-096/ | Third Party Advisory VDB Entry |
| https://www.zerodayinitiative.com/advisories/ZDI-18-095/ | Third Party Advisory VDB Entry |
| https://www.zerodayinitiative.com/advisories/ZDI-18-088/ | Third Party Advisory VDB Entry |
| https://www.zerodayinitiative.com/advisories/ZDI-18-084/ | Third Party Advisory VDB Entry |
| https://www.zerodayinitiative.com/advisories/ZDI-18-067/ | Third Party Advisory VDB Entry |
| https://success.trendmicro.com/solution/1119158 | Patch Vendor Advisory |
Configurations
Configuration 1
|
Information
Published : 2018-02-09 10:29
Updated : 2018-02-27 07:29
NVD link : CVE-2018-3604
Mitre link : CVE-2018-3604
Products Affected
CWE