CVE-2020-8606

CRITICAL

Trend Micro InterScan Web Security Virtual Appliance 6.5 - Auth Bypass

Title source: llm

Description

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance.

Exploits (1)

metasploit WORKING POC EXCELLENT
by Mehmet Ince <[email protected]> · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/trendmicro_websecurity_exec.rb

References (4)

Scores

CVSS v3 9.8
EPSS 0.8960
EPSS Percentile 99.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-287
Status published
Products (1)
trendmicro/interscan_web_security_virtual_appliance 6.5
Published May 27, 2020
Tracked Since Feb 18, 2026