EIP-2026-103328

PRE-CVE

Trend Micro Data Loss Prevention Virtual Appliance 5.2 - Path Traversal

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103328. PoCs published by Leonardo Duarte.

AI-analyzed exploit summary This exploit demonstrates a path traversal vulnerability in Trend Micro Data Loss Prevention Virtual Appliance 5.2, allowing unauthorized file access via encoded dot and slash characters in the URL path. The PoC provides direct URLs to access sensitive files like /etc/passwd and /bin/ash.

Description

Trend Micro Data Loss Prevention Virtual Appliance 5.2 - Path Traversal

Exploits (1)

exploitdb WORKING POC
by Leonardo Duarte · textwebappslinux
https://www.exploit-db.com/exploits/42975

This exploit demonstrates a path traversal vulnerability in Trend Micro Data Loss Prevention Virtual Appliance 5.2, allowing unauthorized file access via encoded dot and slash characters in the URL path. The PoC provides direct URLs to access sensitive files like /etc/passwd and /bin/ash.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Trend Micro Data Loss Prevention Virtual Appliance 5.2
No auth needed
Prerequisites: Network access to the target appliance
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026