CVE-2011-4051

InduSoft Web Studio 6.1 and 7.0 - Unauthenticated Remote Code Execution via CEServer Remote Agent

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2011-4051. PoCs published by Metasploit, Luigi Auriemma, juan vazquez, including Metasploit module exploits/windows/scada/indusoft_webstudio_exec.

AI-analyzed exploit summary This Metasploit module exploits CVE-2011-4051, an arbitrary file upload vulnerability in InduSoft Web Studio due to lack of authentication. It uploads a malicious executable and a MOF file to achieve remote code execution via WMI on pre-Vista Windows systems.

Description

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/21837

This Metasploit module exploits CVE-2011-4051, an arbitrary file upload vulnerability in InduSoft Web Studio due to lack of authentication. It uploads a malicious executable and a MOF file to achieve remote code execution via WMI on pre-Vista Windows systems.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: InduSoft Web Studio v6.1 SP6
No auth needed
Prerequisites: Network access to TCP port 4322 · Target running Windows XP/2003 with InduSoft Web Studio
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by Luigi Auriemma, juan vazquez · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/indusoft_webstudio_exec.rb

This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in InduSoft Web Studio Remote Agent (CVE-2011-4051) to achieve remote code execution via WMI on pre-Vista Windows systems.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: InduSoft Web Studio v6.1 SP6
No auth needed
Prerequisites: Network access to TCP port 4322 · Target running Windows XP/2003
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
US Government Resource x_refsource_misc
http://www.us-cert.gov/control_systems/pdf/ICSA-11-319-01.pdf

Scores

EPSS 0.7309
EPSS Percentile 98.8%

Details

CWE
CWE-287
Status published
Products (2)
indusoft/web_studio 6.1
indusoft/web_studio 7.0
Published Dec 05, 2011
Tracked Since Feb 18, 2026