Exploit for #VU60764 Integer overflow in Trend Micro Server applications

Exploit for #VU60764 Integer overflow in Trend Micro Server applications

Published: 2022-02-23

Vulnerability identifier: #VU60764

Vulnerability risk: High

CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-25331

CWE-ID: CWE-190

Exploitation vector: Network

Exploits in database: 2

February 23, 2022
- serverprotect_info_server_dos.py [Github]
- serverprotect_info_server_cmd_73730_int32_overflow.py [Github]

Impact: Code execution

Vulnerable software:
ServerProtect for Storage (SPFS)
Server applications / DLP, anti-spam, sniffers
ServerProtect for EMC Celerra (SPEMC)
Server applications / DLP, anti-spam, sniffers
ServerProtect for Network Appliance Filers (SPNAF)
Server applications / DLP, anti-spam, sniffers
ServerProtect for Microsoft Windows / Novell Netware (SPNT)
Server applications / DLP, anti-spam, sniffers

Vendor: Trend Micro