How to Buy
This script is Copyright (C) 2009-2017 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote host.
The version of the Wyse Thin Client HAgent service installed on the
remote host is at risk of a remote buffer overflow attack.
An unauthenticated attacker can exploit this flaw by sending a
specially crafted packet to the remote host. Successful exploitation
would result in remote code execution with the privileges of the
See also :
Upgrade to the latest version of Wyse Device Manager (4.7.2) and
apply the two security updates (HF 04072019009 and HF04072019709).
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.8
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 40862 ()
Bugtraq ID: 35650
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.