Radia Client Automation
CVE-2015-1497
CRITICAL
Severity by source
AV:N/AC:L/Au:N/C:C/I:C/A:C
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:L/Au:N/C:C/I:C/A:C
Lifecycle Timeline
1DescriptionCVE.org
radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465.
AnalysisAI
radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 88.3%.
Technical ContextAI
This vulnerability is classified as Code Injection (CWE-94), which allows attackers to inject and execute arbitrary code within the application. radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465. Affected products include: Persistent Systems Radia Client Automation.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Never evaluate user-controlled input as code. Use sandboxing, disable dangerous functions, apply strict input validation.
More in Radia Client Automation
View allStack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation (formerly HP Client Automation
Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attack
Persistent Systems Radia Client Automation does not properly restrict access to certain request, which allows remote att
Persistent Accelerite Radia Client Automation (formerly HP Client Automation) 7.9 through 9.1 before 2015-02-19 improper
The default configuration of Persistent Accelerite Radia Client Automation (formerly HP Client Automation) 7.9 through 9
Same weakness CWE-94 – Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today