3 matches found
InduSoft Web Studio 'Remote Agent' Code Execution Vulnerability - Windows
InduSoft Web Studio is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Schneider Electric InduSoft Web Studio Remote Agent Remote Code Execution (CVE-2015-7374)
The vulnerability is due to lack of authentication to the Remote Agent Service which allows attackers to execute API calls on the service remotely. By sending crafted requests to the service, a remote unauthenticated attacker can exploit this vulnerability to execute code under the context of the...
CVE-2015-7374
CVE-2015-7374 affects Schneider Electric InduSoft Web Studio via the Remote Agent component (Windows). The vulnerability enables remote code execution due to lack of authentication on the Remote Agent service (TCP port 1234), allowing remote API calls to be executed with the process’s privileges....