Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-52324

An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations. Please note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code.

Published

2024-01-23T21:15:09.337

Last Modified

2025-05-30T15:15:27.220

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses

Type: Primary
CWE-434
Type: Secondary
CWE-434

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	trendmicro	apex_central	2019	Yes

References

https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US Vendor Advisory ([email protected])
https://www.zerodayinitiative.com/advisories/ZDI-24-077/ Third Party Advisory, VDB Entry ([email protected])
https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.zerodayinitiative.com/advisories/ZDI-24-077/ Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)