Unrated severityNVD Advisory· Published Oct 28, 2019· Updated Aug 5, 2024
CVE-2019-18188
CVE-2019-18188
Description
Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitrary zip file to a specific folder on the Apex One server, which could potentially lead to remote code execution (RCE). The remote process execution is bound to the IUSR account, which has restricted permission and is unable to make major system changes. An attempted attack requires user authentication.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Trend Micro/Trend Micro Apex Onev5Range: All
Patches
Vulnerability mechanics
References
1- success.trendmicro.com/solution/000151731mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.