CVE-2016-9314

HIGH

Trend Micro IWSVA <6.5-SP2_Build_Linux_1707 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-9314.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in Trend Micro IWSVA 6.5.x, including remote command execution (RCE), sensitive information disclosure, privilege escalation, and stored XSS. It provides detailed steps and HTTP requests to exploit these vulnerabilities, with specific payloads and endpoints.

Description

Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to backup the system configuration and download it onto their local machine. This backup file contains sensitive information like passwd/shadow files, RSA certificates, Private Keys and Default Passphrase, etc. This was resolved in Version 6.5 CP 1737.

Exploits (1)

exploitdb WORKING POC

webappshardware

https://www.exploit-db.com/exploits/41361

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in Trend Micro IWSVA 6.5.x, including remote command execution (RCE), sensitive information disclosure, privilege escalation, and stored XSS. It provides detailed steps and HTTP requests to exploit these vulnerabilities, with specific payloads and endpoints.

Classification

Working Poc 95%

Attack Type

Rce | Info Leak | Auth Bypass | Xss

Complexity

Moderate

Reliability

Reliable

Target: Trend Micro Interscan Web Security Virtual Appliance (IWSVA) 6.5.x

Auth required

Prerequisites: Low-privileged user access to the web management console · Valid session cookies (JSESSIONID and CSRFGuardToken)

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1005 - Data from Local System T1068 - Exploitation for Privilege Escalation T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/96252

Patch, Vendor Advisory x_refsource_confirm

https://success.trendmicro.com/solution/1116672

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1037849

Scores

CVSS v3 7.8

EPSS 0.0302

EPSS Percentile 85.7%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-200

Status published

Products (1)

trendmicro/interscan_web_security_virtual_appliance < 6.5

Published Feb 21, 2017

Tracked Since Feb 18, 2026