VYPR
High severity7.2NVD Advisory· Published Jun 30, 2016· Updated Jun 17, 2026

CVE-2016-5840

CVE-2016-5840

Description

hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename parameter of the Content-Disposition header.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:a:trend_micro:deep_discovery_inspector:3.7:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:trend_micro:deep_discovery_inspector:3.7:*:*:*:*:*:*:*
    • cpe:2.3:a:trend_micro:deep_discovery_inspector:3.81:*:*:*:*:*:*:*
    • cpe:2.3:a:trend_micro:deep_discovery_inspector:3.82:*:*:*:*:*:*:*
    • (no CPE)range: 3.7, 3.8 SP1 (3.81), 3.8 SP2 (3.82)

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.