CVE-2016-8593

CWE-22Path Traversal3 documents3 sources
Severity
8.8HIGH
EPSS
4.6%
top 10.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Trendmicro Threat Discovery Appliance
Timeline
PublishedApr 28
Latest updateMay 17

Description

Directory traversal vulnerability in upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via a .. (dot dot) in the dID parameter.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-m6qp-w746-hqqp: Directory traversal vulnerability in upload2022-05-17
CVEList
CVE-2016-8593: Directory traversal vulnerability in upload2017-04-28
CVE-2016-8593 (HIGH CVSS 8.8) | Directory traversal vulnerability i | cvebase.io