CVE-2020-28579
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-28579
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Trend Micro InterScan Web Security Virtual Appliance 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Trend Micro InterScan Web Security Virtual Appliance(IWSVA)是美国趋势科技(Trend Micro)公司的一款针对基于Web方式的威胁为企业网络提供动态的、集成式的安全保护的Web安全网关。 InterScan Web Security Virtual Appliance (IWSVA) 6.5 Service Pack 2存在安全漏洞,该漏洞源于在通过strcpy函数将用户提供的数据复制到基于堆栈的固定大小的缓冲区之前,用户验证数据不正确。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Trend Micro | Trend Micro InterScan Web Security Virtual Appliance | 6.5 SP2 | - |
II. Public POCs for CVE-2020-28579
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-28579
请登录查看更多情报信息。
- https://success.trendmicro.com/solution/000281954x_refsource_MISC
- https://www.tenable.com/security/research/tra-2020-63x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2020-28579
Same Patch Batch · Trend Micro · 2020-11-18 · 9 CVEs total
| CVE-2020-27695 | Trend Micro Security 2020 代码问题漏洞 | |
| CVE-2020-27696 | Trend Micro Security 2020 安全漏洞 | |
| CVE-2020-27697 | Trend Micro Security 2020 后置链接漏洞 | |
| CVE-2020-28572 | Trend Micro Apex One 安全漏洞 | |
| CVE-2020-28574 | Trend Micro Worry-Free Business Security 路径遍历漏洞 | |
| CVE-2020-28578 | Trend Micro InterScan Web Security Virtual Appliance 缓冲区错误漏洞 | |
| CVE-2020-28580 | Trend Micro InterScan Web Security Virtual Appliance 操作系统命令注入漏洞 | |
| CVE-2020-28581 | Trend Micro InterScan Web Security Virtual Appliance 操作系统命令注入漏洞 |
IV. Related Vulnerabilities
Same product: Trend Micro InterScan Web Security Virtual Appliance
- CVE-2024-36359
Trend Micro Micro InterScan Web Security Virtual Appliance 安 - CVE-2021-31521
Trend Micro InterScan Web Security Virtual Appliance 跨站脚本漏洞 - CVE-2020-8466
Trend Micro InterScan Web Security Virtual Appliance 命令注入漏洞 - CVE-2020-8465
Trend Micro InterScan Web Security Virtual Appliance 授权问题漏洞 - CVE-2020-8463
Trend Micro InterScan Web Security Virtual Appliance 安全漏洞
V. Comments for CVE-2020-28579
No comments yet