CVE-2015-4051

Name of the Vulnerable Software and Affected Versions Beckhoff IPC Diagnostics versions prior to 1.8

Description The issue allows remote attackers to cause a denial of service, create arbitrary users, or possibly have other unspecified impacts via a crafted request to the "/upnpisapi" endpoint, specifically by using the "beckhoff.com:service:cxconfig:1#Write" SOAP action.

Recommendations For versions prior to 1.8, update to version 1.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the /config functions and the /upnpisapi endpoint to minimize the risk of exploitation.