Vulnerabilities

CVE-2016-5840

by Fred · 30/06/2016

hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename parameter of the Content-Disposition header.

Date published : 2016-06-30

http://esupport.trendmicro.com/solution/en-US/1114281.aspx

https://www.exploit-db.com/exploits/40180/

Related

Tags: Cybersecurity Alert