CyberSec.Space Logo
返回 CVE 浏览器

CVE-2020-28578

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0410%
EPSS Percentile11.03th
Published2020年11月18日
Last Modified2024年11月21日

Vulnerability Description

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges.

Affected Platforms (CPE)

📦
Trendmicro

Interscan Web Security Virtual Appliance

= 6.5

References & Advisories

🔗 https://success.trendmicro.com/solution/000281954
🔗 https://www.tenable.com/security/research/tra-2020-63
🔗 https://success.trendmicro.com/solution/000281954
🔗 https://www.tenable.com/security/research/tra-2020-63

相关漏洞威胁

CVE-2016-92699.9

Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSV...

CVE-2020-86069.8

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on...

CVE-2020-84659.8

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updat...

CVE-2020-84669.8

A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hash...