CVE-2016-5840

HIGH

Trend Micro Deep Discovery Inspector <3.8 - RCE

Title source: llm

Description

hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename parameter of the Content-Disposition header.

Exploits (1)

exploitdb WORKING POC
by korpritzombie · text · webapps · linux
https://www.exploit-db.com/exploits/40180

References (5)

Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-16-373
Third Party Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000103.html
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN55428526/index.html
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/40180/

Scores

CVSS v3 7.2
EPSS 0.0712
EPSS Percentile 91.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (3)
trend_micro/deep_discovery_inspector 3.7
trend_micro/deep_discovery_inspector 3.81
trend_micro/deep_discovery_inspector 3.82
Published Jun 30, 2016
Tracked Since Feb 18, 2026