Trendmicro Control_manager

22 CVEs affecting Trendmicro Control_manager. Latest disclosed: 2021-03-03. Critical: 8, High: 12.

Top CVEs affecting Trendmicro Control_manager
CVESeverityScorePublishedSummary
CVE-2018-10511Critical10.02018-08-15A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request forgery (SSRF) attack on vulnera…
CVE-2018-10510Critical9.82018-08-15A Directory Traversal Remote Code Execution vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to execute arbitrary co…
CVE-2018-3601Critical9.82018-02-09A password hash usage authentication bypass vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to bypass authentication on vulnerab…
CVE-2017-11389Critical9.82017-08-02Directory traversal vulnerability in Trend Micro Control Manager 6.0 allows remote code execution by attackers able to drop arbitrary files in a web-facing dir…
CVE-2017-11386Critical9.82017-08-02SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x4707 due to lack of proper user input validation in cmdHa…
CVE-2017-11385Critical9.82017-08-02SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHa…
CVE-2017-11384Critical9.82017-08-02SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x3b21 due to lack of proper user input validation in mdHan…
CVE-2017-11383Critical9.82017-08-02SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x1b07 due to lack of proper user input validation in cmdHa…
CVE-2018-3607High8.82018-02-09XXXTreeNode method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitr…
CVE-2018-3606High8.82018-02-09XXXStatusXXX, XXXSummary, TemplateXXX and XXXCompliance method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 cou…
CVE-2018-3605High8.82018-02-09TopXXX, ViolationXXX, and IncidentXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote…
CVE-2018-3604High8.82018-02-09GetXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary c…
CVE-2018-3603High8.82018-02-09A CGGIServlet SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary cod…
CVE-2018-3602High8.82018-02-09An AdHocQuery_Processor SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arb…
CVE-2017-11388High8.82017-08-02SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided string…
CVE-2018-10512High7.52018-08-15A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to manipulate a reverse proxy .dll on vulnerable installations, w…
CVE-2016-6220High7.52017-08-07Information Disclosure vulnerability in the Dashboard and Error Pages in Trend Micro Control Manager SP3 6.0.
CVE-2017-11390High7.52017-08-02XML external entity (XXE) processing vulnerability in Trend Micro Control Manager 6.0, if exploited, could lead to information disclosure. Formerly ZDI-CAN-470…
CVE-2017-11387High7.52017-08-02Authentication Bypass in Trend Micro Control Manager 6.0 causes Information Disclosure when authentication validation is not done for functionality that can ch…
CVE-2019-14688High7.02020-02-20Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnera…