{"api_version":"1","generated_at":"2026-04-23T08:03:23+00:00","cve":"CVE-2016-5840","urls":{"html":"https://cve.report/CVE-2016-5840","api":"https://cve.report/api/cve/CVE-2016-5840.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2016-5840","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2016-5840"},"summary":{"title":"CVE-2016-5840","description":"hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename parameter of the Content-Disposition header.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2016-06-30 16:59:00","updated_at":"2016-11-28 20:29:00"},"problem_types":["CWE-20"],"metrics":[],"references":[{"url":"http://jvn.jp/en/jp/JVN55428526/index.html","name":"JVN#55428526","refsource":"JVN","tags":[],"title":"JVN#55428526: Deep Discovery Inspector vulnerable to remote code execution","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"http://www.zerodayinitiative.com/advisories/ZDI-16-373","name":"http://www.zerodayinitiative.com/advisories/ZDI-16-373","refsource":"MISC","tags":[],"title":"Zero Day Initiative","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000103.html","name":"JVNDB-2016-000103","refsource":"JVNDB","tags":[],"title":"JVNDB-2016-000103 - JVN iPedia","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"http://esupport.trendmicro.com/solution/en-US/1114281.aspx","name":"http://esupport.trendmicro.com/solution/en-US/1114281.aspx","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"Remote Code Execution Vulnerability - Deep Discovery Inspector","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.exploit-db.com/exploits/40180/","name":"40180","refsource":"EXPLOIT-DB","tags":["Exploit","Third Party Advisory"],"title":"Trend Micro Deep Discovery 3.7/3.8 SP1 (3.81)/3.8 SP2 (3.82) - 'hotfix_upload.cgi' Filename Remote Code Execution - Linux webapps Exploit","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2016-5840","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5840","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2016","cve_id":"5840","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"trend_micro","cpe5":"deep_discovery_inspector","cpe6":"3.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"5840","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"trend_micro","cpe5":"deep_discovery_inspector","cpe6":"3.81","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"5840","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"trend_micro","cpe5":"deep_discovery_inspector","cpe6":"3.82","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"5840","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"trend_micro","cpe5":"deep_discovery_inspector","cpe6":"3.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"5840","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"trend_micro","cpe5":"deep_discovery_inspector","cpe6":"3.81","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"5840","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"trend_micro","cpe5":"deep_discovery_inspector","cpe6":"3.82","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2016-5840","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename parameter of the Content-Disposition header."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://www.zerodayinitiative.com/advisories/ZDI-16-373","refsource":"MISC","url":"http://www.zerodayinitiative.com/advisories/ZDI-16-373"},{"name":"JVNDB-2016-000103","refsource":"JVNDB","url":"http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000103.html"},{"name":"JVN#55428526","refsource":"JVN","url":"http://jvn.jp/en/jp/JVN55428526/index.html"},{"name":"40180","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/40180/"},{"name":"http://esupport.trendmicro.com/solution/en-US/1114281.aspx","refsource":"CONFIRM","url":"http://esupport.trendmicro.com/solution/en-US/1114281.aspx"}]}},"nvd":{"publishedDate":"2016-06-30 16:59:00","lastModifiedDate":"2016-11-28 20:29:00","problem_types":["CWE-20"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":9},"severity":"HIGH","exploitabilityScore":8,"impactScore":10,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:trend_micro:deep_discovery_inspector:3.81:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:trend_micro:deep_discovery_inspector:3.7:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:trend_micro:deep_discovery_inspector:3.82:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2016","CveId":"5840","Ordinal":"91945","Title":"CVE-2016-5840","CVE":"CVE-2016-5840","Year":"2016"},"notes":[{"CveYear":"2016","CveId":"5840","Ordinal":"1","NoteData":"hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename parameter of the Content-Disposition header.","Type":"Description","Title":null},{"CveYear":"2016","CveId":"5840","Ordinal":"2","NoteData":"2016-06-30","Type":"Other","Title":"Published"},{"CveYear":"2016","CveId":"5840","Ordinal":"3","NoteData":"2016-11-28","Type":"Other","Title":"Modified"}]}}}