Intrusion PreventionTrend.Micro.InterScan.WS.VA.ManageVLAN.Command.Injection
Description
This indicates an attack attempt to exploit a Command Injection Vulnerability in Trend Micro InterScan Web Security Virtual Appliance.
The vulnerability is due to improper validation of user-supplied data in HTTP requests. A remote authenticated attacker can exploit the vulnerability by sending a malicious request to the target server. Successful exploitation of this vulnerability could allow arbitrary code execution on the target server in the security context of iscan account.
Affected Products
Trend Micro InterScan Web Security Virtual Appliance 6.5 prior to 6.5 SP2 Hotfix 1919
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://success.trendmicro.com/solution/000281954
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2023-12-20 | 26.700 | Sig Added |
| 2021-02-22 | 17.020 | Default_action:pass:drop |
| 2021-02-09 | 17.013 |
| ID | 49805 |
| Created | Feb 01, 2021 |
| Updated | Dec 20, 2023 |
| Risk |
|
| CVE ID | CVE-2020-28581 |
| Exploit Prediction Score | 11.53% |
| Default Action | drop |
| Active | |
| Affected OS | Linux |
| Affected App | Other |