EXODUS BLOG

Advisories

NEC EXPRESSCLUSTER X Transaction Server 0x32 File Read Vulnerability

OCTOBER 31, 2021

EIP-852fe633 An arbitrary file read vulnerability has been found in NEC EXPRESSCLUSTER X that can allow an attacker to read files off the target system. The Transaction Server (clptrnsv.exe) is a system service configured...

NEC EXPRESSCLUSTER X Web Manager File Upload Vulnerability

OCTOBER 31, 2021

EIP-d8554689 An arbitrary file upload vulnerability has been found in NEC EXPRESSCLUSTER X. WebManager (clpwebmc.exe) is a webserver tasked with providing remote administrative access, it is configured to utilize port 29003 by default. This...

NEC EXPRESSCLUSTER X Web Manager Command Execution Vulnerability

OCTOBER 31, 2021

EIP-9eccc486 A remote command execution vulnerability has been found in NEC EXPRESSCLUSTER X. WebManager (clpwebmc.exe) is a webserver tasked with providing remote administrative access, it is configured to utilize port 29003 by default. This...

NEC EXPRESSCLUSTER X Old API Server 0x1D Stack Overflow Vulnerability

OCTOBER 31, 2021

EIP-2ba7cebd A stack-based buffer overflow has been found in NEC EXPRESSCLUSTER X that can lead to remote arbitrary code execution with full SYSTEM privileges. The Old API Support service (clpoldapi.exe) is the system service...

NEC EXPRESSCLUSTER X Transaction Server 0x32 Stack Overflow Vulnerability

OCTOBER 31, 2021

EIP-5f2cf48c A stack-based buffer overflow has been found in NEC EXPRESSCLUSTER X that can lead to remote arbitrary code execution with full SYSTEM privileges. The Transaction Server (clptrnsv.exe) is a system service configured to...

NEC EXPRESSCLUSTER X Transaction Server 0x3A Stack Overflow Vulnerability

OCTOBER 31, 2021

EIP-fba18752 A stack-based buffer overflow has been found in NEC EXPRESSCLUSTER X that can lead to remote arbitrary code execution with full SYSTEM privileges. The Transaction Server (clptrnsv.exe) is a system service configured to...

NEC EXPRESSCLUSTER X Disk Agent 0x104 Stack Overflow Vulnerability

OCTOBER 31, 2021

EIP-8b0cfb43 A stack-based buffer overflow has been found in NEC EXPRESSCLUSTER X that can lead to remote arbitrary code execution with full SYSTEM privileges. The Disk Agent (clpdiskagent.exe) is the component that is tasked...

NEC EXPRESSCLUSTER X Disk Agent 0x103 Stack Overflow Vulnerability

OCTOBER 31, 2021

EIP-ff1ca610 A stack-based buffer overflow has been found in NEC EXPRESSCLUSTER X that can lead to remote arbitrary code execution with full SYSTEM privileges. The Disk Agent (clpdiskagent.exe) is the component that is tasked...