CVE-2016-8585

CWE-2644 documents4 sources
Severity
8.8HIGH
EPSS
7.3%
top 8.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Trendmicro Threat Discovery Appliance
Timeline
PublishedApr 28
Latest updateMay 17

Description

admin_sys_time.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the timezone parameter.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-hj32-4j4q-x3j7: admin_sys_time2022-05-17
CVEList
CVE-2016-8585: admin_sys_time2017-04-28

💬Community

1
Bugzilla
CVE-2017-8585 .NET Core: DoS via invalid culture2017-11-14
CVE-2016-8585 (HIGH CVSS 8.8) | admin_sys_time.cgi in Trend Micro T | cvebase.io