Proxy Command Injection Vulnerability in Trend Micro InterScan Messaging Virtual Appliance
CVE-2017-11392

8.8HIGH

Key Information:

Vendor: Trend Micro
Status: Trend Micro Interscan Messaging Security Virtual Appliance
Vendor: CVE Published:; 3 August 2017

🔔 Create Trend Micro Vulnerability Alert

What is CVE-2017-11392?

A proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance versions 9.0 and 9.1 enables remote attackers to execute arbitrary code. This security flaw arises from improper handling of the 'T' parameter within the modTMCSS Proxy. Exploiting this vulnerability could lead to significant security risks for affected installations, making it crucial for users to apply the necessary patches and updates. More details can be found in security advisories from Trend Micro and Zero Day Initiative.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch