CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Stack-based buffer overflow in CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 allows remote attackers to execute arbitrary code via a crafted 0x15 aka Remove File operation for a file with a long name...

9.3CVSS8.4AI score0.05944EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:48 a.m.•8 views

CVE-2011-4051

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control...

10CVSS7.8AI score0.70156EPSS

Exploits4References1

RedhatCVE•added 2025/05/22 12:29 a.m.•9 views

CVE-2011-1900

Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 6.1 and 7.x before 7.0+Patch 1 allows remote attackers to execute arbitrary code via an invalid request...

10CVSS8AI score0.32043EPSS

Exploits2References1

OSV•added 2023/12/16 1:15 a.m.•5 views

CVE-2021-42797

Path traversal vulnerability in AVEVA Edge formerly InduSoft Web Studio versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources...

7.5CVSS5.8AI score0.01EPSS

Exploits0References2

NVD•added 2023/12/16 1:15 a.m.•13 views

CVE-2021-42797

7.5CVSS0.01EPSS

Exploits0References2

Prion•added 2023/12/16 1:15 a.m.•20 views

Path traversal

5CVSS7.2AI score0.01EPSS

Exploits0References2Affected Software1

CVE•added 2023/12/16 12:0 a.m.•47 views

CVE-2021-42797

CVE-2021-42797 — AVEVA Edge (formerly InduSoft Web Studio) : Path traversal in AVEVA Edge versions R2020 and prior allows an unauthenticated user to disclose the Windows access token used for external DB resources. Affected product: AVEVA Edge; vulnerable component(s): runtime/installation flow t...

7.5CVSS7.5AI score0.01EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/12/16 12:0 a.m.•19 views

CVE-2021-42794

An issue was discovered in AVEVA Edge formerly InduSoft Web Studio versions R2020 and prior. The application allows a client to provide a malicious connection string that could allow an adversary to port scan the LAN, depending on the hosts' responses...

5.3CVSS5.4AI score0.01199EPSS

Exploits1References3

CVE•added 2023/12/16 12:0 a.m.•56 views

CVE-2021-42796

CVE-2021-42796 affects AVEVA Edge (formerly InduSoft Web Studio) pre-2020 R2. The vulnerability is in the ExecuteCommand() function (stadosvr.exe) and allows unauthenticated arbitrary commands to execute, via improper access control. The issue is documented with a base CVSS v3.1 score of 9.8 (Net...

9.8CVSS9.4AI score0.01133EPSS

Exploits0References2Affected Software1

CVE•added 2023/12/16 12:0 a.m.•51 views

CVE-2021-42794

AVEVA Edge (formerly InduSoft Web Studio)

5.3CVSS5.1AI score0.01199EPSS

Exploits1References3Affected Software1

CISA KEV Catalog•added 2022/04/15 12:0 a.m.•11 views

InduSoft Web Studio NTWebServer Directory Traversal Vulnerability

InduSoft Web Studio NTWebServer contains a directory traversal vulnerability that allows remote attackers to read administrative passwords in APP files, allowing for remote code execution...

9.8CVSS7AI score0.74548EPSS

In wildExploits5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by