Short Name |
HTTP:MISC:TRENDMICRO-CMD-INJ |
---|---|
Severity |
Critical |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Trend Micro Command Injection In HTTP Variables |
Release Date |
2017/09/12 |
Update Number |
2988 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
The signature is trying to capture any command injection vulnerabilites present in http parameters. Successful exploitation by remote use could lead to arbitrary command execution under the security context of the root user.