HTTP: Trend Micro OfficeScan CGI Directory Authentication Bypass Remote Code Execution
This signature detects attempts to exploit a known vulnerability in Trend Micro OfficeScan. Successful exploitation could lead to arbitrary code execution.
Extended Description
The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe.
Affected Products
Trend_micro officescan
References
CVE: CVE-2003-1341
Short Name
HTTP:CTS:TM-OFFICESCAN-CGI-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Authentication Bypass CGI CVE-2003-1341 Code Directory Execution Micro OfficeScan Remote Trend
Release Date
02/26/2021
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Trend_micro
CVSS Score
7.5