ZDI-26-269: TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2025-54948.
ORIGINAL SOURCE →via Zero Day Initiative
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Lazarus Lures Developers With Backdoored Coding Tests
- [CYBER] Recent Microsoft Defender Vulnerability Exploited as Zero-Day
- [CYBER] Microsoft Graph API misused by new GoGra Linux malware for hidden communication
- [CYBER] Xinference PyPI Breach Exposes Developers to Cloud Credential Theft
- [CYBER] Any Chance Something Happened?
- [CYBER] Fake Wallpaper App, YouTube Channel Used to Spread notnullOSX Malware