CVSS: 10.0EPSS: 1%CPEs: 45EXPL: 2CVE-2011-3495 – Measuresoft ScadaPro 4.0.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-3495
16 Sep 2011 — Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command. service.exe de Measuresoft ScadaPro 4.0.0 y versiones anteriores permite a atacantes remotos ejecutar comandos arbitrarios a través de metacaracteres de shell en un comando (1) BF, (2) OF, o (3) EF command. • https://www.exploit-db.com/exploits/17844 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 21%CPEs: 45EXPL: 4CVE-2011-3496 – Measuresoft ScadaPro 4.0.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-3496
16 Sep 2011 — service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command. service.exe de Measuresoft ScadaPro 4.0.0 y versiones anteriores permite a atacantes remotos ejecutar comandos arbitrarios a través de metacaracteres de shell en un comando (1) BF, (2) OF, o (3) EF command. • https://www.exploit-db.com/exploits/17844 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 32%CPEs: 45EXPL: 2CVE-2011-3497 – Measuresoft ScadaPro 4.0.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-3497
16 Sep 2011 — service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method. service.exe de Measuresoft ScadaPro 4.0.0 y versiones anteriores permite a atacantes remotos ejecutar funciones DLL arbitrarias a través de una función XF, posiblemente relacionado con una método inseguro expuesto. • https://www.exploit-db.com/exploits/17844 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 4%CPEs: 45EXPL: 4CVE-2011-3490 – Measuresoft ScadaPro 4.0.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-3490
16 Sep 2011 — Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long command to port 11234, as demonstrated with the TF command. Múltiples desbordamiento de buffer de pila en service.exe de Measuresoft ScadaPro 4.0.0 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un comando ex... • https://www.exploit-db.com/exploits/17844 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •