clayton@site:~/news$ cat cve-2021-36741-trend-micro-apex-one-apex-one-as-a-service-and-worry-free-business-security.log

CVE-2021-36741 — Trend Micro Multiple Products Improper Input Validation Vulnerability

2021-11-03 • CISA Known Exploited Vulnerability

[event] Trend Micro Apex One, Apex One as a Service, and Worry-Free Business Security contain an improper input validation vulnerability that allows a remote attacker to upload files.

> AFFECTED SOFTWARE

Field	Value
Vendor	Trend Micro
Product	Apex One, Apex One as a Service, and Worry-Free Business Security
CWE	CWE-22
CVE ID	CVE-2021-36741
Date Added	2021-11-03
Due Date	2021-11-17
Ransomware Campaign	Unknown

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2021-11-17

> REFERENCES

[1] https://success.trendmicro.com/dcx/s/solution/000287819?language=en_US,
[2] https://success.trendmicro.com/dcx/s/solution/000287820?language=en_US
[3] https://nvd.nist.gov/vuln/detail/CVE-2021-36741