Ghosts of the Past: Classic PHP RCE Bugs in Trend Micro Enterprise Offerings
Classic PHP vulnerability classes revisited in modern enterprise security products — because old bugs never really die.
HITCON CMT 2023
Talk delivered at HITCON CMT 2023 (Taipei, August 2023). The research examines how well-understood PHP vulnerability patterns — deserialization, file inclusion, command injection — continue to appear in enterprise security products from major vendors, with case studies drawn from Trend Micro’s enterprise line.