CRITICAL🇵🇱 Wersja polska

CVE-2017-14094

CVSS 9.8v3.0pub. 2018-01-19upd. 2024-11-21

A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a cron job injection on a vulnerable system.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Trendmicro Smart Protection Server

    APP
    Trendmicro
    ≤ 3.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2018-6231CRITICAL9.8ten sam produkt

A server auth command injection authentication bypass vulnerability in Trend Micro Smart Protection Server (St...

CVE-2017-14097CRITICAL9.8ten sam produkt

An improper access control vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and ...

CVE-2016-6269CRITICAL9.1ten sam produkt

Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6...

CVE-2018-10350HIGH8.8ten sam produkt

A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x co...

CVE-2018-6237HIGH7.5ten sam produkt

A vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow an unauthenticated remote ...