hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote malicious users to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dell wyse device manager 4.7.1 |
||
dell wyse device manager 4.7.2 |
||
dell wyse device manager 4.7.0 |