TrendMicro node.js HTTP Server Remote Code Execution Exploit

The Password Manager component installed by various Trend Micro products runs a Node.js HTTP server by default. This web server opens multiple HTTP RPC ports for handling API requests. For example, the openUrlInDefaultBrowser API function, which internally maps to a ShellExecute function call, allows and attacker to execute arbitrary commands on localhost without the need of any type of credentials.
Exploit type: 
Platform: 
Vulnerabilty ID: 
NOCVE-9999-74958
Product Version: 
37
Released Date: 
Monday, April 18, 2016 - 19:00