CVE-2022-26871
9.8CRITICALAn arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
Publicado: 3/29/2022Actualizado: 12/22/2025
Vulnerabilidad Explotada Conocida (CISA)
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.
Acción Requerida:
Apply updates per vendor instructions.
Fecha Límite:
2022-04-21
Descripción
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
Análisis IAImpulsado por IA
Productos Afectados
trendmicroapex_central
2019
trendmicroapex_one
-
Referencias
- https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435Vendor Advisory
- https://jvn.jp/vu/JVNVU99107357Third Party AdvisoryVDB Entry
- https://success.trendmicro.com/jp/solution/000290660MitigationPatchVendor Advisory
- https://success.trendmicro.com/solution/000290678MitigationPatchVendor Advisory
- https://www.jpcert.or.jp/english/at/2022/at220008.htmlThird Party AdvisoryVDB Entry
- https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435Vendor Advisory
- https://jvn.jp/vu/JVNVU99107357Third Party AdvisoryVDB Entry
- https://success.trendmicro.com/jp/solution/000290660MitigationPatchVendor Advisory
- https://success.trendmicro.com/solution/000290678MitigationPatchVendor Advisory
- https://www.jpcert.or.jp/english/at/2022/at220008.htmlThird Party AdvisoryVDB Entry
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26871US Government Resource