CVEs-PoC/2020/CVE-2020-8599.md

### [CVE-2020-8599](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8599)
![](https://img.shields.io/static/v1?label=Product&message=Trend%20Micro%20OfficeScan%2C%20Trend%20Micro%20Apex%20One&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Arbitrary%20File%20Upload%20Directory%20Traversal&color=brighgreen)

### Description

Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to exploit this vulnerability.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors