CyberSec.Space Logo
CVEブラウザに戻る

CVE-2015-1497

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1240%
EPSS Percentile17.66th
Published2015年2月16日
Last Modified2026年5月6日

Vulnerability Description

radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465.

Affected Platforms (CPE)

📦
Persistent Systems

Radia Client Automation

= 7.9
📦
Persistent Systems

Radia Client Automation

= 8.1
📦
Persistent Systems

Radia Client Automation

= 9.0
📦
Persistent Systems

Radia Client Automation

= 9.1

References & Advisories

🔗 http://osvdb.org/show/osvdb/118382
🔗 http://packetstormsecurity.com/files/130459/HP-Client-Automation-Command-Injection.html
🔗 http://www.exploit-db.com/exploits/36169
🔗 http://www.exploit-db.com/exploits/36206
🔗 http://www.securityfocus.com/bid/72612
🔗 http://www.zerodayinitiative.com/advisories/ZDI-15-038/
🔗 https://support.accelerite.com/hc/en-us/articles/203659814-Accelerite-releases-solutions-and-best-practices-to-enhance-the-security-for-RBAC-and-Remote-Notify-features
🔗 https://www.exploit-db.com/exploits/40491/

関連する脆弱性情報

CVE-2015-786010.0

Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibl...

CVE-2011-088910.0

Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA or Radia Notify) 5.11, 7.2, 7.5, 7.8, and 7.9 allows remote...

CVE-2015-149810.0

Persistent Systems Radia Client Automation does not properly restrict access to certain request, which allows remote attackers to ...

CVE-2015-786110.0

Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to exe...