CyberSec.Space Logo
Back to CVE Browser

CVE-2020-28578

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0410%
EPSS Percentile11.03th
PublishedNov 18, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges.

Affected Platforms (CPE)

πŸ“¦
Trendmicro

Interscan Web Security Virtual Appliance

= 6.5

References & Advisories

πŸ”— https://success.trendmicro.com/solution/000281954
πŸ”— https://www.tenable.com/security/research/tra-2020-63
πŸ”— https://success.trendmicro.com/solution/000281954
πŸ”— https://www.tenable.com/security/research/tra-2020-63

Related Vulnerabilities

CVE-2016-92699.9

Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSV...

CVE-2020-86069.8

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on...

CVE-2020-84659.8

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updat...

CVE-2020-84669.8

A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hash...