PT-2017-2601 · Trend Micro · Trend Micro Officescan

Mehmet Ince

Publicado

2017-08-02

Atualizado

2017-10-14

CVE-2017-11394

CVSS v3.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Trend Micro OfficeScan versions 11 and 12

Description The issue is caused by a command injection vulnerability in the proxy server setup during installation, allowing a remote attacker to execute arbitrary code by exploiting the T parameter in Proxy.php. This can lead to remote code execution on vulnerable installations.

Recommendations For Trend Micro OfficeScan version 11, update to a version that fixes the command injection vulnerability in the proxy server setup. For Trend Micro OfficeScan version 12, update to a version that fixes the command injection vulnerability in the proxy server setup. As a temporary workaround, consider restricting access to the Proxy.php file to minimize the risk of exploitation.

Exploit

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

BDU:2017-01818

CVE-2017-11394

ZDI-17-521

Produtos afetados

Trend Micro Officescan

PT-2017-2601 · Trend Micro · Trend Micro Officescan

CVE-2017-11394

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9