VDB
CVE-2015-1497
CVE-2015-1497
PUBLISHED
KEV
CVSS 10 CRITICAL
radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465.
EPSS 88.26% · 99.5th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
88.26%
99.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| persistent_systems | radia_client_automation | 9.1, 8.1, 9.1 |
| n/a | n/a | n/a, n/a |
Timeline
- Jan 2, 2014 Metasploit Module
- Feb 16, 2015 CVE Published
- Feb 24, 2015 PoC Published
- Feb 25, 2015 PoC Published
- Feb 28, 2015 PoC Published
- Oct 10, 2016 PoC Published
- May 29, 2018 PoC Published
- Feb 4, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
References
- 118382 vdb
- 72612 vdb
- 36169 exploit
- http://www.zerodayinitiative.com/advisories/ZDI-15-038/ url
- https://support.accelerite.com/hc/en-us/articles/203659814-Accelerite-releases-solutions-and-best-practices-to-enhance-the-security-for-RBAC-and-Remote-Notify-features url
- 36206 exploit
- http://packetstormsecurity.com/files/130459/HP-Client-Automation-Command-Injection.html url
- 40491 exploit
- https://nvd.nist.gov/vuln/detail/CVE-2015-1497 advisory
- https://www.exploit-db.com/exploits/40491 url
- http://www.zerodayinitiative.com/advisories/ZDI-15-038 url