CVE-2024-39753 - An modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to exec

CVE-2024-39753

Summary

An modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

References

https://success.trendmicro.com/en-US/solution/ka-0016669
https://www.zerodayinitiative.com/advisories/ZDI-24-897/

Vulnerable Configurations

CVSS

Base:	None
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

22-10-2024 - 20:35

Published

22-10-2024 - 19:15

Last modified

22-10-2024 - 20:35