hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote attackers to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: certcc
Published: 2012-06-19T20:00:00Z
Updated: 2024-09-17T02:31:30.157Z
Reserved: 2009-02-22T00:00:00Z
Link: CVE-2009-0695
Vulnrichment
No data.
NVD
Status : Modified
Published: 2012-06-19T20:55:02.630
Modified: 2024-11-21T01:00:42.390
Link: CVE-2009-0695
Redhat
No data.