CVE-2011-4051

InduSoft Web Studio <7.0 - RCE

Title source: llm

Description

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control.

Exploits (2)

metasploit WORKING POC EXCELLENT

by Luigi Auriemma, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/indusoft_webstudio_exec.rb

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/21837

View Code ZIP pw:eip

References (3)

[Patch] http://www.indusoft.com/hotfixes/hotfixes.php

[US Government Resource] http://www.us-cert.gov/control_systems/pdf/ICSA-11-319-01.pdf

[Patch] http://www.zerodayinitiative.com/advisories/ZDI-11-330/

Scores

EPSS 0.7343

EPSS Percentile 98.8%

Classification

CWE

CWE-287

Status draft

Affected Products (2)

indusoft/web_studio

indusoft/web_studio

Timeline

Published Dec 05, 2011

Tracked Since Feb 18, 2026