A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations. Authentication is required to exploit this vulnerability.
https://www.zerodayinitiative.com/advisories/ZDI-20-676/
https://success.trendmicro.com/solution/000253095
http://packetstormsecurity.com/files/158423/Trend-Micro-Web-Security-Remote-Code-Execution.html