cbcvebase.
CVE-2022-26871
published 2022-03-29

CVE-2022-26871: An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead…

PriorityP193critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-04-21
Exploited in the wild
EPSS
19.63%
97.1th percentile
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.

Affected

2 ranges
VendorProductVersion rangeFixed in
trend_microtrend_micro_apex_central
trendmicroapex_central

Detection & IOCsextracted from sources · hover to see the quote

  • CVE-2022-26871 is an arbitrary file upload vulnerability in Trend Micro Apex Central (on-premise) that allows unauthenticated remote attackers to upload arbitrary files leading to remote code execution.
  • Trend Micro confirmed active in-the-wild exploitation attempts of CVE-2022-26871 at time of disclosure — treat any unpatched Apex Central instance as actively targeted.
  • CISA added CVE-2022-26871 to its Known Exploited Vulnerabilities catalog with a remediation due date of 2022-04-21, confirming active exploitation.
  • ·Vulnerability affects Trend Micro Apex Central on-premise deployments only; the attack vector is unauthenticated and requires no user interaction, making internet-exposed instances at highest risk.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vulncheck9.8CRITICAL
cisa9.8CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.