hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename parameter of the Content-Disposition header.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2016-06-30T16:00:00
Updated: 2016-11-28T13:57:01
Reserved: 2016-06-23T00:00:00
Link: CVE-2016-5840
JSON object: View
NVD Information
Status : Modified
Published: 2016-06-30T16:59:11.120
Modified: 2016-11-28T20:29:49.223
Link: CVE-2016-5840
JSON object: View
Redhat Information
No data.
CWE