Arbitrary File Upload Vulnerability in Trend Micro Apex One and Apex One as a Service

Arbitrary File Upload Vulnerability in Trend Micro Apex One and Apex One as a Service

CVE-2023-32557 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated attacker to upload an arbitrary file to the Management Server which could lead to remote code execution with system privileges.

Learn more about our Cis Benchmark Audit For Server Software.