Free Trial

CVE-2024-51503 : TREND MICRO DEEP SECURITY UP TO 20.0 OS COMMAND INJECTION

Description

A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain may be able to remotely inject commands to other machines in the same domain. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability locally and must have domain user privileges to affect other machines.

References

https://success.trendmicro.com/en-US/solution/KA-0018154

https://www.zerodayinitiative.com/advisories/ZDI-24-1516/

For More Information

CVERecord

Common Vulnerabilityies and Exposures

CVE-2024-51503 : TREND MICRO DEEP SECURITY UP TO 20.0 OS COMMAND INJECTION
CVE-2024-51503 : TREND MICRO DEEP SECURITY UP TO 20.0 OS COMMAND INJECTION

Contact us to get started

CVE-2024-52759 : D-LINK DI-8003 16.07.26A1 IP_POSITION_ASP IP BUFFER OVERFLOW

CVE-2024-52759 : D-LINK DI-8003 16.07.26A1 IP_POSITION_ASP IP BUFFER OVERFLOW

Description D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ip_position_asp function. References

Learn more
CVE-2024-51503 : TREND MICRO DEEP SECURITY UP TO 20.0 OS COMMAND INJECTION

CVE-2024-51503 : TREND MICRO DEEP SECURITY UP TO 20.0 OS COMMAND INJECTION

Description A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an

Learn more
CVE-2024-52360 : IBM CONCERT SOFTWARE 1.0.0/1.0.1/1.0.2/1.0.2.1 SQL INJECTION

CVE-2024-52360 : IBM CONCERT SOFTWARE 1.0.0/1.0.1/1.0.2/1.0.2.1 SQL INJECTION

Description IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 is vulnerable to SQL injection. A remote attacker could send specially

Learn more