CVE-2011-4051

Related Files

InduSoft Web Studio Arbitrary Upload Remote Code Execution

Posted Oct 4, 2012

Authored by Luigi Auriemma, juan vazquez | Site metasploit.com

This Metasploit module exploits a lack of authentication and authorization on the InduSoft Web Studio Remote Agent, that allows a remote attacker to write arbitrary files to the filesystem, by abusing the functions provided by the software. The module uses uses the Windows Management Instrumentation service to execute an arbitrary payload on vulnerable installations of InduSoft Web Studio on Windows pre Vista. It has been successfully tested on InduSoft Web Studio 6.1 SP6 over Windows XP SP3 and Windows 2003 SP2.

tags | exploit, remote, web, arbitrary

systems | windows

advisories | CVE-2011-4051, OSVDB-77179

SHA-256 | 3fdafb054398a32fb8b23fd92f9caabbc9e00bce705897aaeb32c9f0b57d9a2a

Download | Favorite | View

Zero Day Initiative Advisory 11-330

Posted Nov 17, 2011

Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-330 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Indusoft Web Studio. Authentication is not required to exploit this vulnerability. The flaw exists within the Remote Agent component (CEServer.exe) which listens by default on TCP port 4322. When handling incoming requests the process fails to perform any type of authentication. Many available operations allow direct manipulation and creation of files on disk, loading of arbitrary DLLs and process control. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the User.

tags | advisory, remote, web, arbitrary, tcp

advisories | CVE-2011-4051

SHA-256 | 489894b63395a6aa133588330df21b715cfdf69761dcdde7b0da96353e321e7e

Download | Favorite | View