CVE-2017-14086

HIGH

Trend Micro OfficeScan 11.0 - Use After Free

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-14086. PoCs published by hyp3rlinx.

AI-analyzed exploit summary The exploit demonstrates unauthenticated remote process execution and denial-of-service via direct HTTP requests to vulnerable Trend Micro OfficeScan XG endpoints. It triggers the execution of 'fcgiOfcDDA.exe' and causes INI corruption via 'cgiRqUpd.exe'.

Description

Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executable or cause a potential INI corruption, which may cause the server disk space to be consumed with dump files from continuous HTTP requests.

Exploits (1)

exploitdb WORKING POC VERIFIED

by hyp3rlinx · textwebappswindows

https://www.exploit-db.com/exploits/42892

View Code ZIP pw:eip

The exploit demonstrates unauthenticated remote process execution and denial-of-service via direct HTTP requests to vulnerable Trend Micro OfficeScan XG endpoints. It triggers the execution of 'fcgiOfcDDA.exe' and causes INI corruption via 'cgiRqUpd.exe'.

Classification

Working Poc 90%

Attack Type

Rce | Dos

Complexity

Trivial

Reliability

Reliable

Target: Trend Micro OfficeScan XG v11.0 and 12.0

No auth needed

Prerequisites: Network access to the target's OfficeScan XG server on port 4343

MITRE ATT&CK