Vulnerabilities > Trendmicro > Serverprotect > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-02-24 CVE-2022-25330 Integer Overflow or Wraparound vulnerability in Trendmicro products
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.
network
low complexity
trendmicro CWE-190
critical
9.8
2022-02-24 CVE-2022-25329 Use of Hard-coded Credentials vulnerability in Trendmicro products
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console.
network
low complexity
trendmicro CWE-798
critical
9.8
2021-09-29 CVE-2021-36745 Forced Browsing vulnerability in Trendmicro Serverprotect 5.8/6.0
A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentication on affected installations.
network
low complexity
trendmicro CWE-425
critical
9.8
2020-09-15 CVE-2020-24561 Command Injection vulnerability in Trendmicro Serverprotect 3.0
A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system.
network
low complexity
trendmicro CWE-77
critical
9.1
2017-05-26 CVE-2017-9034 Improper Input Validation vulnerability in Trendmicro Serverprotect 3.0
Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to write to arbitrary files and consequently execute arbitrary code with root privileges by leveraging failure to validate software updates.
network
low complexity
trendmicro CWE-20
critical
9.8