Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trendmicro officescan xg vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2017-11394
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote malicious users to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the T parameter within Proxy.php. Formerly ZDI-CAN-4544.
Trendmicro Officescan 11.0
Trendmicro Officescan 12.0
1 EDB exploit
890
VMScore
CVE-2020-8599
Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote malicious user to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to exploit this vulnerability.
Trendmicro Officescan Xg
Trendmicro Apex One 2019
890
VMScore
CVE-2020-8598
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote malicious user to execute arbitrary code on affected installations with SYSTEM level privileges. Authentication is ...
Trendmicro Apex One 2019
Trendmicro Officescan Xg
Trendmicro Worry-free Business Security 9.0
Trendmicro Worry-free Business Security 9.5
Trendmicro Worry-free Business Security 10.0
890
VMScore
CVE-2019-18189
A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) may allow an malicious user to bypass authentication and log on to an affected product's management console as a root user. The vulnerability does ...
Trendmicro Apex One
Trendmicro Worry-free Business Security 10.0
Trendmicro Officescan 11.0
Trendmicro Officescan Xg
Trendmicro Worry-free Business Security 9.5
890
VMScore
CVE-2017-11393
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote malicious users to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the tr parameter within Proxy.php. Formerly ZDI-CAN-4543.
Trendmicro Officescan 11.0
Trendmicro Officescan 12.0
837
VMScore
CVE-2020-8470
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow an malicious user to delete any file on the server with SYSTEM level privileges. Authentication is not required to exploit t...
Trendmicro Apex One 2019
Trendmicro Officescan Xg
Trendmicro Worry-free Business Security 9.0
Trendmicro Worry-free Business Security 9.5
Trendmicro Worry-free Business Security 10.0
785
VMScore
CVE-2017-14086
Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executable or cause a potential INI corruption, which may cause the server disk space to b...
Trendmicro Officescan 12.0
Trendmicro Officescan 11.0
1 EDB exploit
755
VMScore
CVE-2017-14089
An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and cause memory corruption issues.
Trendmicro Officescan 12.0
Trendmicro Officescan 11.0
1 EDB exploit
685
VMScore
CVE-2017-14084
A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow malicious users to execute arbitrary code on vulnerable installations.
Trendmicro Officescan 12.0
Trendmicro Officescan 11.0
1 EDB exploit
641
VMScore
CVE-2021-32464
An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an malicious user to modify a specific script before it is executed. Please note: an attacker must first obta...
Trendmicro Apex One 2019
Trendmicro Officescan Xg
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »