漏洞描述
InduSoft Web Studio是美国InduSoft公司的一套图控软件。该软件包含了人机界面(HMI)、数据采集系统(SCADA)和嵌入式控制所需的各种功能模组等。
InduSoft Web Studio的CEServer组件在实现上存在远程代码执行漏洞。攻击者可利用该漏洞在受影响的应用程序上下文中执行任意代码。
InduSoft Web Studio ‘CEServer.exe’ 组件远程代码执行漏洞
PoC代码
暂无相关漏洞推荐
- POC vscode-mcp-json: Visual Studio Code MCP Configuration ("mcp.json") Exposure
- POC vscode-slnx-sqlite-disclosure: Visual Studio Code - Slnx.SQLite File Disclosure
- Cherry Studio 未授权 代码注入漏洞
- Sim Studio AI 服务端请求伪造漏洞(CVE-2025-9805)
- IBM Watson Studio on Cloud Pak for Data 跨站脚本漏洞
- Cherry Studio 命令注入漏洞
- POC CVE-2019-8982: Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery
- POC CVE-2021-43421: Studio-42 elFinder <2.1.60 - Arbitrary File Upload
- POC CVE-2022-38131: RStudio Connect - Open Redirect
- POC CVE-2023-47115: Label Studio - Cross-Site Scripting
- POC CVE-2023-47117: Label Studio - Sensitive Information Exposure
- POC CVE-2025-34300: SawtoothSoftware Lighthouse Studio < 9.16.14 - Pre-Auth Remote Code Execution
- POC shikongzhiyou-erp-uploadstudiofile-fileupload: 时空智友ERP系统 uploadStudioFile 任意文件上传漏洞