10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.956 High
EPSS
Percentile
99.2%
Added: 02/25/2015
CVE: CVE-2015-1497
BID: 72612
OSVDB: 118382
Radia Client Automation is an endpoint management solution.
The **radexecd.exe**
daemon does not properly authenticate or sanitize user requests, allowing remote attackers to execute arbitrary commands.
Use the workarounds described in the Accelerite announcement.
<http://www.zerodayinitiative.com/advisories/ZDI-15-038/>
Exploit works on Radia Client Automation 9.00 on CentOS 5.
Linux