Vulnerability Details CVE-2022-26871
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.086
EPSS Ranking 91.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Proposed Action
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.
Ransomware Campaign
Unknown
References
- https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435
- https://jvn.jp/vu/JVNVU99107357
- https://success.trendmicro.com/jp/solution/000290660
- https://success.trendmicro.com/solution/000290678
- https://www.jpcert.or.jp/english/at/2022/at220008.html
- https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435
- https://jvn.jp/vu/JVNVU99107357
- https://success.trendmicro.com/jp/solution/000290660
- https://success.trendmicro.com/solution/000290678
- https://www.jpcert.or.jp/english/at/2022/at220008.html
Products affected by CVE-2022-26871
-
cpe:2.3:a:trendmicro:apex_central:2019
-
cpe:2.3:a:trendmicro:apex_one:-