Description
This module tests whether a directory traversal vulnerability is present in Trend Micro DLP (Data Loss Prevention) Appliance v5.5 build <= 1294. The vulnerability appears to be actually caused by the Tomcat UTF-8 bug which is implemented in module tomcat_utf8_traversal CVE 2008-2938. This module simply tests for the same bug with Trend Micro specific settings. Note that in the Trend Micro appliance, /etc/shadow is not used and therefore password hashes are stored and anonymously accessible in the passwd file.
Module options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
msf > use auxiliary/admin/http/trendmicro_dlp_traversalmsf undefined(trendmicro_dlp_traversal) > show actions ...actions...msf undefined(trendmicro_dlp_traversal) > set ACTION < action-name >msf undefined(trendmicro_dlp_traversal) > show options ...show and set options...msf undefined(trendmicro_dlp_traversal) > runPrioritise with Active Threat Intelligence
With curated Threat Intelligence, you can see which vulnerabilities truly put you at risk, prioritize what matters most, and act before attackers do.
Explore Intelligence Hub