Hardcoded Key Vulnerability in ControlUp Real-Time Agent (cuAgent.exe) Allows OS Command Execution via WCF Channel

Hardcoded Key Vulnerability in ControlUp Real-Time Agent (cuAgent.exe) Allows OS Command Execution via WCF Channel

CVE-2021-45913 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

A hardcoded key in ControlUp Real-Time Agent (cuAgent.exe) before 8.2.5 may allow a potential attacker to run OS commands via a WCF channel.

Learn more about our Web Application Penetration Testing UK.