cve/2016/CVE-2016-8593.md

CVE-2016-8593

Description

Directory traversal vulnerability in upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via a .. (dot dot) in the dID parameter.

POC

Reference

• http://packetstormsecurity.com/files/142215/Trend-Micro-Threat-Discovery-Appliance-2.6.1062r1-upload.cgi-Remote-Code-Execution.html

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/lnick2023/nicenice
• https://github.com/qazbnm456/awesome-cve-poc
• https://github.com/xbl3/awesome-cve-poc_qazbnm456