Shodan
Vulnerabilities
Vulnerable Software
Trendmicro:  Security Vulnerabilities
CVE-2020-8465
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSRF bypass (CVE-2020-8461) and authentication bypass (CVE-2020-8464) to execute code as user root.
CVSS Score
9.8
EPSS Score
0.002
Published
2020-12-17
CVE-2020-8466
A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could allow an unauthenticated attacker to execute certain commands by providing a manipulated password.
CVSS Score
9.8
EPSS Score
0.273
Published
2020-12-17
CVE-2020-27010
A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product in a manner separate from the similar CVE-2020-8462.
CVSS Score
4.8
EPSS Score
0.004
Published
2020-12-17
CVE-2020-8461
A CSRF protection bypass vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to get a victim's browser to send a specifically encoded request without requiring a valid CSRF token.
CVSS Score
8.8
EPSS Score
0.002
Published
2020-12-17
CVE-2020-8462
A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product.
CVSS Score
4.8
EPSS Score
0.005
Published
2020-12-17
CVE-2020-8463
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to bypass a global authorization check for anonymous users by manipulating request paths.
CVSS Score
7.5
EPSS Score
0.006
Published
2020-12-17
CVE-2020-28576
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information.
CVSS Score
5.3
EPSS Score
0.008
Published
2020-12-01
CVE-2020-28577
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names.
CVSS Score
5.3
EPSS Score
0.004
Published
2020-12-01
CVE-2020-28582
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal number of managed agents.
CVSS Score
5.3
EPSS Score
0.004
Published
2020-12-01
CVE-2020-28583
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information.
CVSS Score
5.3
EPSS Score
0.004
Published
2020-12-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved