5 matches found
CVE-2017-11394
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/trendmicroofficescanwidgetexec.rb 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23...
Trend Micro InterScan Messaging Security modTMCSS Command Injection (CVE-2017-11391; CVE-2017-11394)
A command injection vulnerability exists in Trend Micro InterScan Messaging Security virtual appliance. The vulnerability is due to improper validation of request parameters within the modTMCSS Proxy functionality. A remote, authenticated attacker could exploit the vulnerability by sending a...
Trend Micro OfficeScan Proxy.php Command Injection (CVE-2017-11394)
A command injection vulnerability exists in Trend Micro's OfficeScan. The vulnerability is due to improper validation of HTTP parameters within the Proxy.php script. A remote, authenticated attacker could exploit the vulnerability by sending a crafted request to the vulnerable system...
CVE-2017-11394
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG 12 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the T parameter within Proxy.php. Formerly ZDI-CAN-4544...
CVE-2017-11394
CVE-2017-11394 describes a proxy.php parameter handling flaw in Trend Micro OfficeScan 11 and XG (12) that allows remote command execution via improper validation of HTTP parameters (Proxy.php). The vulnerability enables an attacker to execute arbitrary code on vulnerable installations. Public re...