Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Trendmicro Subscribe
Filtered by product Control Manager

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-10511 1 Trendmicro 1 Control Manager 2020-12-08 6.4 MEDIUM 10.0 CRITICAL
A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request forgery (SSRF) attack on vulnerable installations.
CVE-2018-10510 2 Microsoft, Trendmicro 2 Windows, Control Manager 2018-10-12 7.5 HIGH 9.8 CRITICAL
A Directory Traversal Remote Code Execution vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to execute arbitrary code on vulnerable installations.
CVE-2018-3601 1 Trendmicro 1 Control Manager 2018-02-27 7.5 HIGH 9.8 CRITICAL
A password hash usage authentication bypass vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to bypass authentication on vulnerable installations.
CVE-2017-11383 1 Trendmicro 1 Control Manager 2017-08-08 7.5 HIGH 9.8 CRITICAL
SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x1b07 due to lack of proper user input validation in cmdHandlerTVCSCommander.dll. Formerly ZDI-CAN-4560.
CVE-2017-11384 1 Trendmicro 1 Control Manager 2017-08-08 7.5 HIGH 9.8 CRITICAL
SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x3b21 due to lack of proper user input validation in mdHandlerLicenseManager.dll. Formerly ZDI-CAN-4561.
CVE-2017-11389 1 Trendmicro 1 Control Manager 2017-08-06 7.5 HIGH 9.8 CRITICAL
Directory traversal vulnerability in Trend Micro Control Manager 6.0 allows remote code execution by attackers able to drop arbitrary files in a web-facing directory. Formerly ZDI-CAN-4684.
CVE-2017-11386 1 Trendmicro 1 Control Manager 2017-08-06 7.5 HIGH 9.8 CRITICAL
SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x4707 due to lack of proper user input validation in cmdHandlerNewReportScheduler.dll. Formerly ZDI-CAN-4549.
CVE-2017-11385 1 Trendmicro 1 Control Manager 2017-08-06 7.5 HIGH 9.8 CRITICAL
SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. Formerly ZDI-CAN-4545.