First published: Fri Feb 09 2018(Updated: )
A CGGIServlet SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
Credit: security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trendmicro Control Manager | =6.0 | |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-3603 is a vulnerability that allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager.
CVE-2018-3603 has a severity rating of 8.8, which is considered high.
CVE-2018-3603 affects Trend Micro Control Manager by allowing remote attackers to execute arbitrary code on vulnerable installations.
To mitigate CVE-2018-3603, it is recommended to apply the necessary security patches or updates provided by Trend Micro.
More information about CVE-2018-3603 can be found at the following references: [CVE-2018-3603](https://success.trendmicro.com/solution/1119158) and [ZDI-18-112](https://www.zerodayinitiative.com/advisories/ZDI-18-112/).