CVE-2011-4051

Severity CVSS v4.0:
Pending analysis
Type:
CWE-287 Authentication Issues
Publication date:
05/12/2011
Last modified:
11/04/2025

Description

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:indusoft:web_studio:6.1:*:*:*:*:*:*:*
cpe:2.3:a:indusoft:web_studio:7.0:*:*:*:*:*:*:*