QwikSec

Security Database

CVE

CWE

Training

CVE-2018-10357

Published: May 23, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

A directory traversal vulnerability in Trend Micro Endpoint Application Control 2.0 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw in the FileDrop servlet. Authentication is required to exploit this vulnerability.

Vendor	Product	Versions
Trend Micro	Trend Micro Endpoint Application Control	affected `2.0`

References

https://www.zerodayinitiative.com/advisories/ZDI-18-469/

x_refsource_MISC

vdb-entry

x_refsource_BID

https://success.trendmicro.com/solution/1119811

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.