This module exploits two vulnerabilities in Trend Micro Threat Discovery Appliance.
The first is an authentication bypass vulnerability via a file delete in logoff.cgi which resets the admin password back to 'admin' upon a reboot. This is useful if the password for the admin user is unknown.
The second is an authenticated command injection flaw using the timezone parameter in the admin_sys_time.cgi interface.
The first is an authentication bypass vulnerability via a file delete in logoff.cgi which resets the admin password back to 'admin' upon a reboot. This is useful if the password for the admin user is unknown.
The second is an authenticated command injection flaw using the timezone parameter in the admin_sys_time.cgi interface.
CVE Link
Exploit Type - Old
Exploits/Remote Code Execution
Exploit Platform
Exploit Type
Product Name