CVE-2017-14095

Summary

A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a local file inclusion on a vulnerable system.

Affected Software

VendorProductVersion RangeStatus
Trend MicroTrend Micro Smart Protection Server (Standalone)3.0, 3.1, 3.2affected

Weaknesses

  • CWE-98: OTHER - Improper Control of Filename for Include/Require Statement in PHP Program (CWE-98)

ADP Enrichment

CVE Program Container

Additional References

References