3 matches found
CVE-2017-6398
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/trendmicroimsvaexec.rb 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:58+00:00| seen|...
CVE-2017-6398
An issue was discovered in Trend Micro InterScan Messaging Security Virtual Appliance 9.1-1600. An authenticated user can execute a terminal command in the context of the web server user which is root. Besides, the default installation of IMSVA comes with default administrator credentials. The...
CVE-2017-6398
Trend Micro InterScan Messaging Security (Virtual Appliance) (IMSVA) 9.1-1600 contains a command injection via the saveCert.imss endpoint. An authenticated user can pass input that is used as arguments to an OS command without proper sanitization, enabling arbitrary command execution as the web s...