CVE-2011-4051
First published: Mon Dec 05 2011(Updated: )
CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| InduSoft Web Studio | =6.1 | |
| InduSoft Web Studio | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/author
- agent/type
- agent/event
- agent/weakness
- agent/severity
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/indusoft
- canonical/indusoft web studio
- version/indusoft web studio/6.1
- version/indusoft web studio/7.0