← back
CVE-2018-6224

CVE-2018-6224

EPSS 2.2%
A lack of cross-site request forgery (CSRF) protection vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to submit authenticated requests to a user browsing an attacker-controlled domain.
Affected products
Trend Micro · Trend Micro Email Encryption Gateway
public PoCs found2
cve_referencewww.exploit-db.com/exploits/44166/unverifiedexploitdbwww.exploit-db.com/exploits/44166unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://success.trendmicro.com/solution/1119349https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilitieshttps://www.exploit-db.com/exploits/44166/