Lucene search
SAINT CorporationSAINT:1B545765E51E57375868DFC59DCC0E1FHistoryFeb 25, 2015 - 12:00 a.m.
Radia Client Automation radexecd.exe command injection
2015-02-2500:00:00
SAINT Corporation
www.saintcorporation.com
36
0.956 High
EPSS
Percentile
99.2%
Added: 02/25/2015
CVE: CVE-2015-1497
BID: 72612
OSVDB: 118382
Background
Radia Client Automation is an endpoint management solution.
Problem
The **radexecd.exe** daemon does not properly authenticate or sanitize user requests, allowing remote attackers to execute arbitrary commands.
Resolution
Use the workarounds described in the Accelerite announcement.
References
<http://www.zerodayinitiative.com/advisories/ZDI-15-038/>
Limitations
Exploit works on Radia Client Automation 9.00 on CentOS 5.
Platforms
Linux
Related
zdt
zdt
HP Client - Automation Command Injection / Remote Code Execution
2016-10-10 00:00:00
Persistent Systems Client Automation Command Injection RCE Exploit
2015-02-28 00:00:00
HP Client Automation Command Injection Exploit
2015-02-26 00:00:00
saint
saint
Radia Client Automation radexecd.exe command injection
2015-02-25 00:00:00
Radia Client Automation radexecd.exe command injection
2015-02-25 00:00:00
Radia Client Automation radexecd.exe command injection
2015-02-25 00:00:00
checkpoint_advisories
checkpoint_advisories
packetstorm
packetstorm
HP Client Automation 7.9 Command Injection
2016-10-10 00:00:00
HP Client Automation Command Injection
2015-02-24 00:00:00
exploitpack
exploitpack
Persistent Systems Client Automation - Command Injection Remote Code Execution (Metasploit)
2015-02-27 00:00:00
HP Client 9.19.08.17.9 - Command Injection
2016-10-10 00:00:00
zdi
zdi
prion
prion
Command injection
2015-02-16 15:59:00
nessus
nessus
Persistent Systems Radia Client Automation Agent Command Injection
2015-10-19 00:00:00
cve
cve
CVE-2015-1497
2015-02-16 15:59:00
exploitdb
exploitdb
HP Client 9.1/9.0/8.1/7.9 - Command Injection
2016-10-10 00:00:00
ics
ics
Siemens Molecular Imaging Vulnerabilities
2017-08-09 12:00:00