← Voltar para CVEs
CVE-2022-26871
CRITICALCISA KEV9.8
Descricao
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
Detalhes CVE
Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado3/29/2022
Ultima modificacao12/22/2025
Fontekev
Avistamentos honeypot0
CISA KEV
FornecedorTrend Micro
ProdutoApex Central
Nome da vulnerabilidadeTrend Micro Apex Central Arbitrary File Upload Vulnerability
Data inclusao KEV2022-03-31
Prazo de remediacao2022-04-21
Uso em ransomwareUnknown
Produtos afetados
trendmicro:apex_centraltrendmicro:apex_one
Fraquezas (CWE)
CWE-345CWE-345
Referencias
https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435(security@trendmicro.com)
https://jvn.jp/vu/JVNVU99107357(security@trendmicro.com)
https://success.trendmicro.com/jp/solution/000290660(security@trendmicro.com)
https://success.trendmicro.com/solution/000290678(security@trendmicro.com)
https://www.jpcert.or.jp/english/at/2022/at220008.html(security@trendmicro.com)
https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435(af854a3a-2127-422b-91ae-364da2661108)
https://jvn.jp/vu/JVNVU99107357(af854a3a-2127-422b-91ae-364da2661108)
https://success.trendmicro.com/jp/solution/000290660(af854a3a-2127-422b-91ae-364da2661108)
https://success.trendmicro.com/solution/000290678(af854a3a-2127-422b-91ae-364da2661108)
https://www.jpcert.or.jp/english/at/2022/at220008.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26871(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.