This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.
The remote Windows host contains a web application that allows remote
The Trend Micro Control Manager install on the remote Windows host is
missing Critical Patch 1422. As such, the included
Cas_LogDirectInsert.aspx http handler reportedly has a vulnerability
by which malicious XML and schema information can be used in queries
in the backend database.
Using a specially crafted POST request, an unauthenticated, remote
attacker could reportedly leverage this issue to create and insert a
user account that can in turn be used to execute remote code through
the management console.
See also :
Upgrade to Trend Micro Control Manager 5.5 if necessary and apply
Critical Patch 1422.
Risk factor :
High / CVSS Base Score : 9.0
CVSS Temporal Score : 7.4
Public Exploit Available : true