Lucene search
K

5 matches found

Circl
Circl
added 2018/05/29 3:50 p.m.10 views

CVE-2017-11394

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/trendmicroofficescanwidgetexec.rb 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23...

10CVSS9.3AI score0.66774EPSS
Exploits2References1
Check Point Advisories
Check Point Advisories
added 2017/11/07 12:0 a.m.13 views

Trend Micro InterScan Messaging Security modTMCSS Command Injection (CVE-2017-11391; CVE-2017-11394)

A command injection vulnerability exists in Trend Micro InterScan Messaging Security virtual appliance. The vulnerability is due to improper validation of request parameters within the modTMCSS Proxy functionality. A remote, authenticated attacker could exploit the vulnerability by sending a...

10CVSS3.5AI score0.66774EPSS
Exploits2
Check Point Advisories
Check Point Advisories
added 2017/08/17 12:0 a.m.21 views

Trend Micro OfficeScan Proxy.php Command Injection (CVE-2017-11394)

A command injection vulnerability exists in Trend Micro's OfficeScan. The vulnerability is due to improper validation of HTTP parameters within the Proxy.php script. A remote, authenticated attacker could exploit the vulnerability by sending a crafted request to the vulnerable system...

10CVSS1.9AI score0.66774EPSS
Exploits2
NVD
NVD
added 2017/08/03 3:29 p.m.26 views

CVE-2017-11394

Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG 12 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the T parameter within Proxy.php. Formerly ZDI-CAN-4544...

10CVSS9.8AI score0.66774EPSS
Exploits2References4
CVE
CVE
added 2017/08/03 3:0 p.m.57 views

CVE-2017-11394

CVE-2017-11394 describes a proxy.php parameter handling flaw in Trend Micro OfficeScan 11 and XG (12) that allows remote command execution via improper validation of HTTP parameters (Proxy.php). The vulnerability enables an attacker to execute arbitrary code on vulnerable installations. Public re...

10CVSS9.8AI score0.66774EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder