Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2015-1497

Published: 16/02/2015 Updated: 03/09/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Persistent Systems

Vulnerability Summary

radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote malicious users to execute arbitrary commands via a crafted request to TCP port 3465.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

persistent systems radia client automation 7.9

persistent systems radia client automation 8.1

persistent systems radia client automation 9.0

persistent systems radia client automation 9.1

Exploits

Exploit DB: HP Client Automation 7.9 Command Injection
HP Client Automation remote command injection exploit that adds backdoor accounts and provides a reverse shell Author tested on version 79 but believes it should also work on 81, 90, and 91 ...
Exploit DB: Persistent Systems Client Automation - Command Injection Remote Code Execution (Metasploit)
# Exploit Title: Persistent Systems Client Automation (PSCA, formerly HPCA or Radia) Command Injection Remote Code Execution Vulnerability # Date: 2014-10-01 # Exploit Author: Ben Turner # Vendor Homepage: Previosuly HP, now wwwpersistentsyscom/ # Version: 79, 81, 90, 91 # Tested on: Windows XP, Windows 7, Server 2003 and Server 2008 # ...
Exploit DB: HP Client 9.1/9.0/8.1/7.9 - Command Injection
# Exploit Title: [HP Client - Automation Command Injection] # Date: [10/10/2016] # Exploit Author: [SlidingWindow] , Twitter: @kapil_khot # Vendor Homepage: [Previosuly HP, now wwwpersistentsyscom/] # Version: [Tested on version 79 but should work on 81, 90, 91 too] # Tested on: [Windows 7 and CentOS release 67 (Final)] # CVE : [CVE- ...
Exploit DB: HP Client - Automation Command Injection (Metasploit)
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Remote::Tcp include Msf::Exploit::CmdStager def initialize(info = {}) super(update_info(info ...

References

CWE-94http://www.zerodayinitiative.com/advisories/ZDI-15-038/http://packetstormsecurity.com/files/130459/HP-Client-Automation-Command-Injection.htmlhttp://osvdb.org/show/osvdb/118382http://www.exploit-db.com/exploits/36169http://www.exploit-db.com/exploits/36206https://support.accelerite.com/hc/en-us/articles/203659814-Accelerite-releases-solutions-and-best-practices-to-enhance-the-security-for-RBAC-and-Remote-Notify-featureshttp://www.securityfocus.com/bid/72612https://www.exploit-db.com/exploits/40491/https://nvd.nist.govhttps://packetstormsecurity.com/files/139051/HP-Client-Automation-7.9-Command-Injection.htmlhttps://www.exploit-db.com/exploits/36206/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook