CyberSec.Space Logo
返回 CVE 浏览器

CVE-2016-9269

CRITICAL
9.9
CVSS Severity Score
EPSS Score0.1780%
EPSS Percentile6.20th
Published2017年2月21日
Last Modified2026年5月13日

Vulnerability Description

Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to run arbitrary commands on the system as root via Patch Update functionality. This was resolved in Version 6.5 CP 1737.

Affected Platforms (CPE)

📦
Trendmicro

Interscan Web Security Virtual Appliance

<= 6.5

References & Advisories

🔗 http://www.securityfocus.com/bid/96252
🔗 http://www.securitytracker.com/id/1037849
🔗 https://success.trendmicro.com/solution/1116672
🔗 http://www.securityfocus.com/bid/96252
🔗 http://www.securitytracker.com/id/1037849
🔗 https://success.trendmicro.com/solution/1116672

相关漏洞威胁

CVE-2020-84659.8

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updat...

CVE-2020-86069.8

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on...

CVE-2020-285789.8

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to...

CVE-2020-84669.8

A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hash...