CVE-2011-4051

Name of the Vulnerable Software and Affected Versions InduSoft Web Studio versions 6.1 through 7.0

Description The issue allows remote attackers to execute arbitrary code without requiring authentication. This is related to vectors involving the creation of a file, loading a DLL, and process control in the CEServer component of the Remote Agent module.

Recommendations For InduSoft Web Studio versions 6.1 through 7.0, consider restricting access to the CEServer.exe component until a patch is available. As a temporary workaround, avoid using the Remote Agent module in InduSoft Web Studio versions 6.1 through 7.0 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.