CVE-2022-26871
9.8CRITICALAn arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
Publicado: 3/29/2022Atualizado: 12/22/2025
Vulnerabilidade Explorada Conhecida (CISA)
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.
Ação Necessária:
Apply updates per vendor instructions.
Prazo:
2022-04-21
Descrição
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
Análise IADesenvolvido por IA
Produtos Afetados
trendmicroapex_central
2019
trendmicroapex_one
-
Referências
- https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435Vendor Advisory
- https://jvn.jp/vu/JVNVU99107357Third Party AdvisoryVDB Entry
- https://success.trendmicro.com/jp/solution/000290660MitigationPatchVendor Advisory
- https://success.trendmicro.com/solution/000290678MitigationPatchVendor Advisory
- https://www.jpcert.or.jp/english/at/2022/at220008.htmlThird Party AdvisoryVDB Entry
- https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435Vendor Advisory
- https://jvn.jp/vu/JVNVU99107357Third Party AdvisoryVDB Entry
- https://success.trendmicro.com/jp/solution/000290660MitigationPatchVendor Advisory
- https://success.trendmicro.com/solution/000290678MitigationPatchVendor Advisory
- https://www.jpcert.or.jp/english/at/2022/at220008.htmlThird Party AdvisoryVDB Entry
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26871US Government Resource