HTTP: Trend Micro InterScan Messaging Security modTMCSS Command Injection
A command injection vulnerability has been reported in the Trend Micro InterScan Messaging Security Virtual Appliance. A remote, authenticated attacker could exploit the vulnerability by sending a crafted request to the vulnerable system. Successful exploitation could lead to arbitrary command execution under the security context of the imss user.
Extended Description
Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "t" parameter within modTMCSS Proxy. Formerly ZDI-CAN-4744.
Affected Products
Trendmicro interscan_messaging_security_virtual_appliance
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Trendmicro
6.5