CVE-2017-11388

Publication date

2017-08-02 21:00:00

Family

trendmicro

State

PUBLISHED

Description

SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesnt properly validate user provided strings before constructing SQL queries. Formerly ZDI-CAN-4639 and ZDI-CAN-4638.