Trendmicro Control_manager
22 CVEs affecting Trendmicro Control_manager. Latest disclosed: 2021-03-03. Critical: 8, High: 12.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-10511 | Critical | 10.0 | 2018-08-15 | A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request forgery (SSRF) attack on vulnera… |
CVE-2018-10510 | Critical | 9.8 | 2018-08-15 | A Directory Traversal Remote Code Execution vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to execute arbitrary co… |
CVE-2018-3601 | Critical | 9.8 | 2018-02-09 | A password hash usage authentication bypass vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to bypass authentication on vulnerab… |
CVE-2017-11389 | Critical | 9.8 | 2017-08-02 | Directory traversal vulnerability in Trend Micro Control Manager 6.0 allows remote code execution by attackers able to drop arbitrary files in a web-facing dir… |
CVE-2017-11386 | Critical | 9.8 | 2017-08-02 | SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x4707 due to lack of proper user input validation in cmdHa… |
CVE-2017-11385 | Critical | 9.8 | 2017-08-02 | SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHa… |
CVE-2017-11384 | Critical | 9.8 | 2017-08-02 | SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x3b21 due to lack of proper user input validation in mdHan… |
CVE-2017-11383 | Critical | 9.8 | 2017-08-02 | SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x1b07 due to lack of proper user input validation in cmdHa… |
CVE-2018-3607 | High | 8.8 | 2018-02-09 | XXXTreeNode method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitr… |
CVE-2018-3606 | High | 8.8 | 2018-02-09 | XXXStatusXXX, XXXSummary, TemplateXXX and XXXCompliance method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 cou… |
CVE-2018-3605 | High | 8.8 | 2018-02-09 | TopXXX, ViolationXXX, and IncidentXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote… |
CVE-2018-3604 | High | 8.8 | 2018-02-09 | GetXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary c… |
CVE-2018-3603 | High | 8.8 | 2018-02-09 | A CGGIServlet SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary cod… |
CVE-2018-3602 | High | 8.8 | 2018-02-09 | An AdHocQuery_Processor SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arb… |
CVE-2017-11388 | High | 8.8 | 2017-08-02 | SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided string… |
CVE-2018-10512 | High | 7.5 | 2018-08-15 | A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to manipulate a reverse proxy .dll on vulnerable installations, w… |
CVE-2016-6220 | High | 7.5 | 2017-08-07 | Information Disclosure vulnerability in the Dashboard and Error Pages in Trend Micro Control Manager SP3 6.0. |
CVE-2017-11390 | High | 7.5 | 2017-08-02 | XML external entity (XXE) processing vulnerability in Trend Micro Control Manager 6.0, if exploited, could lead to information disclosure. Formerly ZDI-CAN-470… |
CVE-2017-11387 | High | 7.5 | 2017-08-02 | Authentication Bypass in Trend Micro Control Manager 6.0 causes Information Disclosure when authentication validation is not done for functionality that can ch… |
CVE-2019-14688 | High | 7.0 | 2020-02-20 | Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnera… |