Vulnerability in Trend Micro Endpoint Application Control

CVE-2018-10357

A directory traversal vulnerability in Trend Micro Endpoint Application Control 2.0 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw in the FileDrop servlet. Authentication is required to ex…

EPSS: 0.656 (98.5th percentile) — read the EPSS interpretation.

Affected products

Trend Micro Endpoint Application Control — versions 2.0

References

www.zerodayinitiative.com/advisories/ZDI-18-469/ (x_refsource_MISC)
104355 (vdb-entry, x_refsource_BID)
success.trendmicro.com/solution/1119811 (x_refsource_CONFIRM)