Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-11394Improper Input Validation in Micro Officescan

CWE-20Improper Input Validation4 documents4 sources
Severity
9.8CRITICALNVD
EPSS
80.7%
top 0.86%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Trend Micro OfficescanTrendmicro Officescan
Timeline
PublishedAug 3
Latest updateMay 17

Description

Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the T parameter within Proxy.php. Formerly ZDI-CAN-4544.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDtrendmicro/officescan11.0, 12.0+1
CVEListV5trend_micro/trend_micro_officescan11, XG (12)

Patches

Patch: success.trendmicro.comPatch: success.trendmicro.com

🔴Vulnerability Details

2
GHSA
GHSA-2pxr-78xf-pr6j: Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable install2022-05-17
CVEList
CVE-2017-11394: Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable install2017-08-03

💥Exploits & PoCs

1
Exploit-DB
Trend Micro OfficeScan 11.0/XG (12.0) - Remote Code Execution (Metasploit)2017-10-11
CVE-2017-11394 — Improper Input Validation in Trend | cvebase