Computer Emergency Response Team of Mauritius (CERT-MU)

VN-2017-78


Trend Micro InterScan Web Security Multiple Bugs Let Remote Users Read Files and Remote Authenticated Users Execute Arbitrary Commands on the Target System
Severity Rating: Medium
Systems Affected:
  • Trend Micro InterScan Web Security
Description
Several vulnerabilities were reported in Trend Micro InterScan Web Security. They can be exploited by remote attackers to cause execution of arbitrary code and to conduct XML external entity attacks to obtain files on the affected system. The vulnerabilities reported are as follows:
 
  • A remote user can supply specially crafted XML External Entity (XXE) data to the target REST API interface (which is based on “resteasy-jaxrs-2.3.5.Final.jar”) to read files on the target system with the privileges of the target service.
 
  • A remote authenticated administrative user can send a specially crafted “SSHPort” parameter value to execute arbitrary commands with root privileges on the target system.
 
  • A remote authenticated user can send specially crafted parameter values to execute arbitrary commands on the target system. The “netid”, “netmask”, “router”, and “interface_vlanid_sel” parameters are affected.
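
The parameter-injection issues in the last two items belong to a class that strict server-side allowlist validation closes before any value reaches a system command. The sketch below is an added example, not Trend Micro's code and not part of the original advisory; the field formats (IPv4 address for netid and router, contiguous netmask, VLAN ID 1-4094, port 1-65535), the helper names and the tool path are assumptions.

```python
import ipaddress

def _int_in(lo, hi):
    """Build a checker for a plain decimal integer in [lo, hi]."""
    def check(v):
        if not (v.isascii() and v.isdigit()) or not lo <= int(v) <= hi:
            raise ValueError("not an integer in range")
        return str(int(v))          # canonical form, no leading zeros
    return check

def _ipv4(v):
    # IPv4Address raises a ValueError subclass on anything but a dotted quad
    return str(ipaddress.IPv4Address(v))

def _netmask(v):
    inv = int(ipaddress.IPv4Address(v)) ^ 0xFFFFFFFF
    if inv & (inv + 1):             # host bits must be one contiguous low run
        raise ValueError("non-contiguous netmask")
    return _ipv4(v)

# Parameter names come from the advisory; the formats are assumed.
VALIDATORS = {
    "SSHPort": _int_in(1, 65535),
    "netid": _ipv4,
    "netmask": _netmask,
    "router": _ipv4,
    "interface_vlanid_sel": _int_in(1, 4094),
}

def validate_params(params):
    """Return canonical values or raise ValueError; unknown names are rejected."""
    clean = {}
    for name, raw in params.items():
        check = VALIDATORS.get(name)
        if check is None:
            raise ValueError(f"unexpected parameter: {name!r}")
        if not isinstance(raw, str) or len(raw) > 15:
            raise ValueError(f"rejected value for {name}")
        try:
            clean[name] = check(raw)
        except ValueError:
            raise ValueError(f"rejected value for {name}") from None
    return clean

def build_argv(clean, tool="/opt/example/set-network"):
    # Hypothetical tool path. Each value stays its own argv element so it can
    # be handed to subprocess.run(argv) with no shell parsing the string.
    return [tool] + [f"--{k}={v}" for k, v in sorted(clean.items())]
```

Validation of this kind belongs on the server side of the management interface, and it complements applying the vendor's updates rather than replacing them.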
 
Solution
Users are advised to apply updates.
More information is available on:
 
Vendor Information
Trend Micro
 
References
Security Tracker
 
Trend Micro
 
Contact Information
 
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis