APP: Trend Micro Control Manager cmdHandlerTVCSCommander SQL Injection

This signature detects attempts to exploit a known vulnerability in the Trend Micro Control Manager. Successful exploitation of this vulnerability, in conjunction with other vulnerabilities, could lead to code execution under the security context of the database.

Extended Description

SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x1b07 due to lack of proper user input validation in cmdHandlerTVCSCommander.dll. Formerly ZDI-CAN-4560.

Affected Products

Trendmicro control_manager

References

CVE: CVE-2017-11383

Short Name
APP:MISC:TMCM-CM-TVCSC-SQLI
Severity
Major
Recommended
True
Recommended Action
Drop
Category
APP
Keywords
CVE-2017-11383 Control Injection Manager Micro SQL Trend cmdHandlerTVCSCommander
Release Date
09/12/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3337
Port
TCP/20101,20102
False Positive
Unknown
Vendors

Trendmicro

CVSS Score

7.5

Found a potential security threat?