header-logo
Suggest Exploit
vendor:
Web-Deployment ActiveX
by:
superli
9,3
CVSS
HIGH
Remote Execution
94
CWE
Product Name: Web-Deployment ActiveX
Affected Version From: 8.0
Affected Version To: 8.0
Patch Exists: Yes
Related CWE: N/A
CPE: a:trend_micro:web_deployment_activex
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3, Internet Explorer 6
2010

TrendMicro Web-Deployment ActiveX Remote Exec 0day POC

This is a proof-of-concept exploit for a remote execution vulnerability in TrendMicro Web-Deployment ActiveX. The vulnerability allows an attacker to execute arbitrary code on the target system by sending a specially crafted request to the vulnerable ActiveX control. The exploit was tested on Windows XP SP3 with Internet Explorer 6.

Mitigation:

The vendor has released a patch to address this vulnerability. Users should update to the latest version of TrendMicro Web-Deployment ActiveX.
Source

Exploit-DB raw data:

# Exploit Title: TrendMicro Web-Deployment ActiveX Remote Exec 0day POC
# Date: 2010.01.17
# Author: superli
# Software Link: http://www.trendmicro.com
# Version: 8.0
# Tested on: xpsp3 ie6

# Download:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/11173.zip (TrendMicro_web_deployment_activex0day.zip)

Navigation

Suggest Exploit

Services By CQR