CyberSec.Space Logo
Back to CVE Browser

CVE-2015-1497

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1240%
EPSS Percentile17.66th
PublishedFeb 16, 2015
Last ModifiedMay 6, 2026

Vulnerability Description

radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465.

Affected Platforms (CPE)

πŸ“¦
Persistent Systems

Radia Client Automation

= 7.9
πŸ“¦
Persistent Systems

Radia Client Automation

= 8.1
πŸ“¦
Persistent Systems

Radia Client Automation

= 9.0
πŸ“¦
Persistent Systems

Radia Client Automation

= 9.1

References & Advisories

πŸ”— http://osvdb.org/show/osvdb/118382
πŸ”— http://packetstormsecurity.com/files/130459/HP-Client-Automation-Command-Injection.html
πŸ”— http://www.exploit-db.com/exploits/36169
πŸ”— http://www.exploit-db.com/exploits/36206
πŸ”— http://www.securityfocus.com/bid/72612
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-15-038/
πŸ”— https://support.accelerite.com/hc/en-us/articles/203659814-Accelerite-releases-solutions-and-best-practices-to-enhance-the-security-for-RBAC-and-Remote-Notify-features
πŸ”— https://www.exploit-db.com/exploits/40491/

Related Vulnerabilities

CVE-2015-786010.0

Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibl...

CVE-2011-088910.0

Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA or Radia Notify) 5.11, 7.2, 7.5, 7.8, and 7.9 allows remote...

CVE-2015-149810.0

Persistent Systems Radia Client Automation does not properly restrict access to certain request, which allows remote attackers to ...

CVE-2015-786110.0

Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to exe...