CVE-2011-4051

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control...

CVE-2011-4051

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control...

CVE-2011-4051

CVE-2011-4051 affects InduSoft Web Studio Remote Agent (CEServer component) and is due to lack of authentication for incoming requests, enabling unauthenticated remote code execution via file creation, DLL loading, and process control. Public sightings indicate exploit tooling and PoCs exist (e.g...

CVE-2011-4052

CVE-2011-4052 affects InduSoft Web Studio (CEServer.exe in the CEServer component, Remote Agent) with versions 6.1 and 7.0. The vulnerability arises from a stack-based buffer overflow triggered by a crafted 0x15 (Remove File) operation on a long file name, allowing remote attackers to execute arb...

InduSoft WebStudio Unauthenticated Remote Operations Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Indusoft Web Studio. Authentication is not required to exploit this vulnerability. The flaw exists within the Remote Agent component CEServer.exe which listens by default on TCP port 4322. When...