2 matches found
Trend Micro IWSVA DeploymentWizardAction GetClusterInfo Command Injection
A command injection vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance IWSVA. The vulnerability is due to improper validation of the HTTP request parameters in the GetClusterInfo method of the DeploymentWizardAction class. A remote, authenticated attacker can exploit thi...
Trend Micro InterScan Web Security Virtual Appliance DeploymentWizardAction GetClusterInfo Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro InterScan Web Security Virtual Appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within DeploymentWizardAction's GetClusterInfo method. A...