Dell: >> Wyse Device Manager Security Vulnerabilities
Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x allow remote attackers to execute arbitrary code via (1) the User-Agent HTTP header to hserver.dll or (2) unspecified input to hagent.exe.
CVSS Score
7.5
EPSS Score
0.235
Published
2012-06-19
hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote attackers to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action.
CVSS Score
7.5
EPSS Score
0.706
Published
2012-06-19