← back
CVE-2017-11391

CVE-2017-11391

EPSS 61.8%
Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "t" parameter within modTMCSS Proxy. Formerly ZDI-CAN-4744.
Affected products
Trend Micro · Trend Micro InterScan Messaging Security Virtual Appliance

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://success.trendmicro.com/solution/1117723http://www.securityfocus.com/bid/100075http://www.zerodayinitiative.com/advisories/ZDI-17-502