2 matches found
CVE-2017-11388
SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided strings before constructing SQL queries. Formerly ZDI-CAN-4639 and ZDI-CAN-4638...
CVE-2017-11388
CVE-2017-11388 affects Trend Micro Control Manager 6.0. The vulnerability is a SQL injection in RestfulServiceUtility.NET.dll that fails to validate user-supplied strings when constructing SQL queries, enabling Remote Code Execution. The ZDI advisories describe exploitation requiring authenticati...