ModOSCE SQL Injection Vulnerability in Apex One Could Allow Remote Code Execution
CVE-2024-39753

Currently unrated

Key Information:

Vendor
Trend Micro
Vendor
CVE Published:
22 October 2024

Summary

An modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

References

https://success.trendmicro.com/en-US/solution/ka-0016669
https://www.zerodayinitiative.com/advisories/ZDI-24-897/

Timeline

  • Vulnerability published

.