Vulnerability in Trend Micro Control Manager
CVE-2018-3606
XXXStatusXXX, XXXSummary, TemplateXXX and XXXCompliance method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
EPSS: 0.501 (98.8th percentile) — read the EPSS interpretation.
Affected products
- Trend Micro Control Manager — versions 6.0
References
- www.zerodayinitiative.com/advisories/ZDI-18-092/ (x_refsource_MISC)
- www.zerodayinitiative.com/advisories/ZDI-18-085/ (x_refsource_MISC)
- www.zerodayinitiative.com/advisories/ZDI-18-110/ (x_refsource_MISC)
- www.zerodayinitiative.com/advisories/ZDI-18-086/ (x_refsource_MISC)
- www.zerodayinitiative.com/advisories/ZDI-18-091/ (x_refsource_MISC)
- www.zerodayinitiative.com/advisories/ZDI-18-100/ (x_refsource_MISC)
- www.zerodayinitiative.com/advisories/ZDI-18-093/ (x_refsource_MISC)
- www.zerodayinitiative.com/advisories/ZDI-18-103/ (x_refsource_MISC)
- www.zerodayinitiative.com/advisories/ZDI-18-083/ (x_refsource_MISC)
- www.zerodayinitiative.com/advisories/ZDI-18-108/ (x_refsource_MISC)