CVE-2017-11393

Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the tr parameter within Proxy.php. Formerly ZDI-CAN-4543.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:trendmicro:officescan:11.0:sp1:*:*:*:*:*:*
cpe:2.3:a:trendmicro:officescan:12.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-08-03 15:29

Updated : 2024-02-28 16:04


NVD link : CVE-2017-11393

Mitre link : CVE-2017-11393

CVE.ORG link : CVE-2017-11393


JSON object : View

Products Affected

trendmicro

  • officescan
CWE
CWE-20

Improper Input Validation