CVE-2020-28580
N/A
N/A
Summary
A command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Trend Micro | Trend Micro InterScan Web Security Virtual Appliance | 6.5 SP2 | affected |
Weaknesses
- Authenticated Command Injection
ADP Enrichment
CVE Program Container
Additional References
- https://success.trendmicro.com/solution/000281954
- https://www.tenable.com/security/research/tra-2020-63
References
- https://success.trendmicro.com/solution/000281954
- https://www.tenable.com/security/research/tra-2020-63
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.