Vulnerabilities > Trendmicro > Threat Discovery Appliance > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-28 | CVE-2016-8593 | Path Traversal vulnerability in Trendmicro Threat Discovery Appliance Directory traversal vulnerability in upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via a .. | 6.5 |
| 2017-04-28 | CVE-2016-8588 | Improper Access Control vulnerability in Trendmicro Threat Discovery Appliance The hotfix_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the file name of an uploaded file. | 6.0 |
| 2017-04-28 | CVE-2016-8587 | Improper Access Control vulnerability in Trendmicro Threat Discovery Appliance dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via an archive file containing a symlink to /eng_ptn_stores/prod/sensorSDK/data/ or /eng_ptn_stores/prod/sensorSDK/backup_pol/. | 6.0 |