Trendmicro

Apex Central

32 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2025-30680

  • EPSS 0.04%
  • Veröffentlicht 17.06.2025 19:56:23
  • Zuletzt bearbeitet 08.09.2025 21:04:31

A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (SaaS) could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations. Please note: this vulnerability only affe...

7.5

CVE-2025-30679

  • EPSS 0.03%
  • Veröffentlicht 17.06.2025 19:56:11
  • Zuletzt bearbeitet 08.09.2025 21:04:42

A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modOSCE component could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations.

7.5

CVE-2025-30678

  • EPSS 0.03%
  • Veröffentlicht 17.06.2025 19:56:01
  • Zuletzt bearbeitet 08.09.2025 21:04:45

A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modTMSM component could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations.

9.8

CVE-2025-49220

  • EPSS 3.41%
  • Veröffentlicht 17.06.2025 17:43:23
  • Zuletzt bearbeitet 08.09.2025 21:06:21

An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49219 but is in a differe...

9.8

CVE-2025-49219

  • EPSS 3.41%
  • Veröffentlicht 17.06.2025 17:43:12
  • Zuletzt bearbeitet 08.09.2025 21:06:23

An insecure deserialization operation in Trend Micro Apex Central below versions 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a differ...

9.8

CVE-2025-47867

  • EPSS 0.52%
  • Veröffentlicht 17.06.2025 17:42:55
  • Zuletzt bearbeitet 08.09.2025 21:04:50

A Local File Inclusion vulnerability in a Trend Micro Apex Central widget in versions below 8.0.6955 could allow an attacker to include arbitrary files to execute as PHP code and lead to remote code execution on affected installations.

7.5

CVE-2025-47866

  • EPSS 0.04%
  • Veröffentlicht 17.06.2025 17:42:42
  • Zuletzt bearbeitet 08.09.2025 21:04:48

An unrestricted file upload vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to upload arbitrary files on affected installations.

9.8

CVE-2025-47865

  • EPSS 0.49%
  • Veröffentlicht 17.06.2025 17:42:30
  • Zuletzt bearbeitet 08.09.2025 21:04:46

A Local File Inclusion vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to gain remote code execution on affected installations.

7.1

CVE-2023-52331

  • EPSS 0.2%
  • Veröffentlicht 23.01.2024 21:15:09
  • Zuletzt bearbeitet 20.06.2025 19:15:28

A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-p...

6.1

CVE-2023-52329

  • EPSS 0.47%
  • Veröffentlicht 23.01.2024 21:15:09
  • Zuletzt bearbeitet 17.06.2025 16:15:31

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but...