CVE-2022-26871
9.8CRITICALAn arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
Veröffentlicht: 3/29/2022Aktualisiert: 12/22/2025
CISA Bekannte Ausgenutzte Schwachstelle
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.
Erforderliche Maßnahme:
Apply updates per vendor instructions.
Fälligkeitsdatum:
2022-04-21
Beschreibung
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
KI-AnalyseKI-gestützt
Betroffene Produkte
trendmicroapex_central
2019
trendmicroapex_one
-
Referenzen
- https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435Vendor Advisory
- https://jvn.jp/vu/JVNVU99107357Third Party AdvisoryVDB Entry
- https://success.trendmicro.com/jp/solution/000290660MitigationPatchVendor Advisory
- https://success.trendmicro.com/solution/000290678MitigationPatchVendor Advisory
- https://www.jpcert.or.jp/english/at/2022/at220008.htmlThird Party AdvisoryVDB Entry
- https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435Vendor Advisory
- https://jvn.jp/vu/JVNVU99107357Third Party AdvisoryVDB Entry
- https://success.trendmicro.com/jp/solution/000290660MitigationPatchVendor Advisory
- https://success.trendmicro.com/solution/000290678MitigationPatchVendor Advisory
- https://www.jpcert.or.jp/english/at/2022/at220008.htmlThird Party AdvisoryVDB Entry
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26871US Government Resource