Unrated severityNVD Advisory· Published Dec 5, 2011· Updated Apr 29, 2026

CVE-2011-4051

Description

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control.

Affected products

Indusoft/Web Studio2 versions
cpe:2.3:a:indusoft:web_studio:6.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:indusoft:web_studio:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:indusoft:web_studio:7.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.indusoft.com/hotfixes/hotfixes.phpnvdPatch
www.zerodayinitiative.com/advisories/ZDI-11-330/nvdPatch
www.us-cert.gov/control_systems/pdf/ICSA-11-319-01.pdfnvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.058
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000