CVE-2018-3603

A CGGIServlet SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.

Date published : 2018-02-09

https://success.trendmicro.com/solution/1119158

https://www.zerodayinitiative.com/advisories/ZDI-18-112/