Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiBen TurnerZDI-15-038
HistoryFeb 10, 2015 - 12:00 a.m.

(0Day) Persistent Systems Client Automation Command Injection Remote Code Execution Vulnerability

2015-02-1000:00:00
Ben Turner
www.zerodayinitiative.com
30

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.947 High

EPSS

Percentile

99.2%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Persistent Systems Client Automation. Authentication is not required to exploit this vulnerability. The flaw exists within the radexecd.exe component which listens by default on TCP port 3465. When handling a remote execution request the process does not properly authenticate the user issuing the request. The command to be executed is also not properly sanitized. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of SYSTEM. This vulnerability is different than ZDI-11-105.

Related

zdt 3
saint 4
checkpoint_advisories 2
packetstorm 2
exploitpack 2
prion 1
nessus 1
cve 1
exploitdb 2
ics 1
zdt
zdt
HP Client - Automation Command Injection / Remote Code Execution
2016-10-10 00:00:00
Persistent Systems Client Automation Command Injection RCE Exploit
2015-02-28 00:00:00
HP Client Automation Command Injection Exploit
2015-02-26 00:00:00
saint
saint
Radia Client Automation radexecd.exe command injection
2015-02-25 00:00:00
Radia Client Automation radexecd.exe command injection
2015-02-25 00:00:00
Radia Client Automation radexecd.exe command injection
2015-02-25 00:00:00
checkpoint_advisories
checkpoint_advisories
Persistent Systems Radia Client Automation Command Execution - Ver2 (CVE-2015-1497)
2015-03-26 00:00:00
Persistent Systems Radia Client Automation Command Execution (CVE-2015-1497)
2015-03-08 00:00:00
packetstorm
packetstorm
HP Client Automation 7.9 Command Injection
2016-10-10 00:00:00
HP Client Automation Command Injection
2015-02-24 00:00:00
exploitpack
exploitpack
Persistent Systems Client Automation - Command Injection Remote Code Execution (Metasploit)
2015-02-27 00:00:00
HP Client 9.19.08.17.9 - Command Injection
2016-10-10 00:00:00
prion
prion
Command injection
2015-02-16 15:59:00
nessus
nessus
Persistent Systems Radia Client Automation Agent Command Injection
2015-10-19 00:00:00
cve
cve
CVE-2015-1497
2015-02-16 15:59:00
exploitdb
exploitdb
HP Client 9.1/9.0/8.1/7.9 - Command Injection
2016-10-10 00:00:00
Persistent Systems Client Automation - Command Injection Remote Code Execution (Metasploit)
2015-02-27 00:00:00
ics
ics
Siemens Molecular Imaging Vulnerabilities
2017-08-09 12:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.947 High

EPSS

Percentile

99.2%

JSON
Related for ZDI-15-038
zdt3saint4checkpoint_advisories2packetstorm2exploitpack2prion1nessus1cve1exploitdb2ics1