What is CVE-2011-4051?

CVE-2011-4051 is a vulnerability in Indusoft Web_studio, classified under Improper Authentication. Published 2011-12-05.

Is CVE-2011-4051 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Auth bypass in Indusoft Web_studio

CVE-2011-4051

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loadin…

Vulnerability class: Broken Authentication

EPSS: 0.731 (98.8th percentile) — read the EPSS interpretation.

Affected products

Indusoft Web_studio — versions 6.1, 7.0
N/a — versions n/a

Weakness classification (CWE)

CWE-287 — Improper Authentication

Public proof-of-concept exploits

rapid7/metasploit-framework

References

cret@cert.org (US Government Resource, x_refsource_MISC)
cret@cert.org (x_refsource_CONFIRM, Patch)
cret@cert.org (Patch, x_refsource_MISC)

Frequently asked questions

What is CVE-2011-4051?: CVE-2011-4051 is a vulnerability in Indusoft Web_studio, classified under Improper Authentication. Published 2011-12-05.
Is CVE-2011-4051 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.