ModOSCE SQL Injection Vulnerability in Apex One Could Allow Remote Code Execution

CVE-2024-39753

Currently unrated 🤨

Key Information

Vendor: Trend Micro
Vendor: CVE Published:; 22 October 2024

Summary

An modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Refferences

https://success.trendmicro.com/en-US/solution/ka-0016669

https://www.zerodayinitiative.com/advisories/ZDI-24-897/

Timeline

Vulnerability published
Oct 22, 2024

Collectors

NVD Database

.