High severity8.8NVD Advisory· Published Sep 22, 2017· Updated May 13, 2026

CVE-2017-11395

Description

Command injection vulnerability in Trend Micro Smart Protection Server (Standalone) 3.1 and 3.2 server administration UI allows attackers with authenticated access to execute arbitrary code on vulnerable installations.

Affected products

Trend Micro/Smart Protection Server (Standalone)v5
Range: 3.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

success.trendmicro.com/solution/1117933nvdMitigationPatchVendor Advisory
www.coresecurity.com/advisories/trend-micro-smart-protection-os-command-injectionnvdExploitThird Party Advisory
www.securityfocus.com/bid/100461nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.007
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000