This Metasploit module exploits the authentication bypass and command injection vulnerability together. Unauthenticated users can execute a terminal command under the context of the web server user. The specific flaw exists within the management interface, which listens on TCP port 443 by default. Trend Micro IMSVA product have widget feature which is implemented with PHP. […]
The post Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution appeared first on MondoUnix.