CVE-2011-4051

InduSoft Web Studio <7.0 - RCE

Title source: llm

Description

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/21837

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by Luigi Auriemma, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/indusoft_webstudio_exec.rb

View Code ZIP pw:eip

References (3)

[US Government Resource] http://www.us-cert.gov/control_systems/pdf/ICSA-11-319-01.pdf

[Patch] http://www.indusoft.com/hotfixes/hotfixes.php

[Patch] http://www.zerodayinitiative.com/advisories/ZDI-11-330/

Scores

EPSS 0.7309

EPSS Percentile 98.8%

Details

CWE

CWE-287

Status published

Products (2)

indusoft/web_studio 6.1

indusoft/web_studio 7.0

Published Dec 05, 2011

Tracked Since Feb 18, 2026