← back
CVE-2017-11393

CVE-2017-11393

EPSS 15.9%
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the tr parameter within Proxy.php. Formerly ZDI-CAN-4543.
Affected products
Trend Micro · Trend Micro OfficeScan

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://success.trendmicro.com/solution/1117769http://www.securityfocus.com/bid/100127http://www.zerodayinitiative.com/advisories/ZDI-17-522