Unrated severityNVD Advisory· Published Jun 8, 2015· Updated Jun 17, 2026
CVE-2015-4051
CVE-2015-4051
Description
Beckhoff IPC Diagnostics before 1.8 does not properly restrict access to functions in /config, which allows remote attackers to cause a denial of service (reboot or shutdown), create arbitrary users, or possibly have unspecified other impact via a crafted request, as demonstrated by a beckhoff.com:service:cxconfig:1#Write SOAP action to /upnpisapi.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:beckhoff:ipc_diagnostics:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:beckhoff:ipc_diagnostics:*:*:*:*:*:*:*:*range: <=1.7
- (no CPE)range: <1.8
Patches
Vulnerability mechanics
References
6- seclists.org/fulldisclosure/2015/Jun/10nvdExploit
- www.thesecurityfactory.be/permalink/beckhoff-authentication-bypass.htmlnvdExploit
- ftp.beckhoff.com/download/document/IndustPC/Advisory-2015-001.pdfnvdVendor Advisory
- packetstormsecurity.com/files/132168/Beckhoff-IPC-Diagnositcs-Authentication-Bypass.htmlnvd
- packetstormsecurity.com/files/134071/Beckoff-CX9020-CPU-Model-Remote-Code-Execution.htmlnvd
- www.securityfocus.com/bid/75042nvd
News mentions
0No linked articles in our index yet.