CVE-2018-18330

CVE-2018-18330 is a medium-severity vulnerability in Trendmicro Dr. Safety with a CVSS 3.x base score of 6.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.

Key facts

Description

An Address Bar Spoofing vulnerability in Trend Micro Dr. Safety for Android (Consumer) versions 3.0.1324 and below could allow an attacker to potentially trick a victim into visiting a malicious URL using address bar spoofing on the Private Browser of the app on vulnerable installations.

Frequently asked questions

What is CVE-2018-18330?
An Address Bar Spoofing vulnerability in Trend Micro Dr. Safety for Android (Consumer) versions 3.0.1324 and below could allow an attacker to potentially trick a victim into visiting a malicious URL using address bar spoofing on the Private Browser of the app on vulnerable installations.
How severe is CVE-2018-18330?
CVE-2018-18330 has a CVSS 3.x base score of 6.5, rated medium severity. It is exploitable over network with low attack complexity, requires no privileges and user interaction. Impact on confidentiality is none, integrity high, and availability none.
Is CVE-2018-18330 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (57th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2018-18330?
CVE-2018-18330 affects Trendmicro Dr. Safety. See the affected-products list for the exact vulnerable versions.
How do I fix CVE-2018-18330?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2018-18330 published?
CVE-2018-18330 was published on 2018-12-21 and last updated on 2026-06-17.

References

Affected products (1)

More vulnerabilities in Trendmicro Dr. Safety

All CVEs affecting Trendmicro Dr. Safety →