First published: Fri May 25 2018(Updated: )
A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw within the handling of parameters provided to wcs\_bwlists\_handler.php. Authentication is required in order to exploit this vulnerability.
Credit: security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trendmicro Smart Protection Server | =3.0 | |
Trendmicro Smart Protection Server | =3.1 | |
Trendmicro Smart Protection Server | =3.2 | |
Trendmicro Smart Protection Server | =3.3 | |
Linux Linux kernel | ||
Trend Micro Smart Protection Server |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.