#VU7991 Security restrictions bypass in Threat Discovery Appliance - CVE-2016-7552
Published: August 22, 2017 / Updated: September 14, 2018
Vulnerability identifier: #VU7991
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:A/U:Green
CVE-ID: CVE-2016-7552
CWE-ID: CWE-22
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vulnerable software:
Threat Discovery Appliance
Threat Discovery Appliance
Software vendor:
Trend Micro
Trend Micro
Description
The vulnerability allows a remote attacker to conduct a directory traversal attack on the target system.
The weakness exists in the logoff.cgi script due to improper processing of a session_id cookie. A remote attacker can send specially crafted data, delete arbitrary files in the logoff.cgi script, reset the administrator password to 'admin' if the system is rebooted and bypass authentication restrictions or cause DoS condition.
Successful exploitation of the vulnerability may result in system crash.
The weakness exists in the logoff.cgi script due to improper processing of a session_id cookie. A remote attacker can send specially crafted data, delete arbitrary files in the logoff.cgi script, reset the administrator password to 'admin' if the system is rebooted and bypass authentication restrictions or cause DoS condition.
Successful exploitation of the vulnerability may result in system crash.
Remediation
Install update from vendor's website.