CVE-2019-18188

Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitrary zip file to a specific folder on the Apex One server, which could potentially lead to remote code execution (RCE). The remote process execution is bound to the IUSR account, which has restricted permission and is unable to make major system changes. An attempted attack requires user authentication.

Published: Oct 28, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-18188
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-77

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
trendmicro / apex_one	2019	2019.x

https://success.trendmicro.com/solution/000151731

Vulnerability Database

289,784

CVE-2019-18188