CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 3CVE-2011-10012 – NetOp Remote Control Client 9.5 .dws File Buffer Overflow
https://notcve.org/view.php?id=CVE-2011-10012
13 Aug 2025 — NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an attacker to execute arbitrary code when the file is opened. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/netop.rb • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 1CVE-2021-36134 – Out of bounds write in Netop Vision Pro
https://notcve.org/view.php?id=CVE-2021-36134
27 Sep 2021 — Out of bounds write vulnerability in the JPEG parsing code of Netop Vision Pro up to and including 9.7.2 allows an adjacent unauthenticated attacker to write to arbitrary memory potentially leading to a Denial of Service (DoS). Una vulnerabilidad de escritura fuera de límites en el código de análisis de JPEG de Netop Vision Pro versiones hasta 9.7.2 incluyéndola, permite a un atacante adyacente no autenticado escribir en memoria arbitraria, conllevando potencialmente a una denegación de servicio (DoS) • https://www.mcafee.com/blogs/?p=127255&preview=true • CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2021-27195
https://notcve.org/view.php?id=CVE-2021-27195
25 Mar 2021 — Improper Authorization vulnerability in Netop Vision Pro up to and including to 9.7.1 allows an attacker to replay network traffic. Una vulnerabilidad de Autorización Incorrecta en Netop Vision Pro versiones hasta 9.7.1, incluyéndola, permite a un atacante reproducir el tráfico de red • https://www.mcafee.com/blogs/other-blogs/mcafee-labs/netop-vision-pro-distance-learning-software-is-20-20-in-hindsight • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-27194
https://notcve.org/view.php?id=CVE-2021-27194
25 Mar 2021 — Cleartext transmission of sensitive information in Netop Vision Pro up to and including 9.7.1 allows a remote unauthenticated attacker to gather credentials including Windows login usernames and passwords. Una transmisión a texto sin cifrar de información confidencial en Netop Vision Pro versiones hasta 9.7.1 incluyéndola, permite a un atacante remoto no autenticado recopilar credenciales, incluyendo los nombres de usuario y contraseñas de inicio de sesión de Windows • https://www.mcafee.com/blogs/other-blogs/mcafee-labs/netop-vision-pro-distance-learning-software-is-20-20-in-hindsight • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2021-27193
https://notcve.org/view.php?id=CVE-2021-27193
25 Mar 2021 — Incorrect default permissions vulnerability in the API of Netop Vision Pro up to and including 9.7.1 allows a remote unauthenticated attacker to read and write files on the remote machine with system privileges resulting in a privilege escalation. Una vulnerabilidad de permisos predeterminados incorrectos en la API de Netop Vision Pro versiones hasta 9.7.1 incluyéndola, permite a un atacante remoto no autenticado leer y escribir archivos en la máquina remota con privilegios system, resultando una escalada d... • https://www.mcafee.com/blogs/other-blogs/mcafee-labs/netop-vision-pro-distance-learning-software-is-20-20-in-hindsight • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-27192
https://notcve.org/view.php?id=CVE-2021-27192
25 Mar 2021 — Local privilege escalation vulnerability in Windows clients of Netop Vision Pro up to and including 9.7.1 allows a local user to gain administrator privileges whilst using the clients. Una vulnerabilidad de escalada de privilegios locales en clientes Windows de Netop Vision Pro versiones hasta 9.7.1 incluyéndola, permite a un usuario local alcanzar privilegios de administrador mientras usa los clientes • https://www.mcafee.com/blogs/other-blogs/mcafee-labs/netop-vision-pro-distance-learning-software-is-20-20-in-hindsight • CWE-269: Improper Privilege Management •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5216
https://notcve.org/view.php?id=CVE-2017-5216
09 Jan 2017 — Stack-based buffer overflow vulnerability in Netop Remote Control versions 11.53, 12.21 and prior. The affected module in the Guest client is the "Import to Phonebook" option. When a specially designed malicious file containing special characters is loaded, the overflow occurs. 12.51 is the fixed version. The Support case ref is 00109744. Desbordamiento de búfer basado en pila en Netop Remote Control versiones 11.53, 12.21 y anteriores. • http://www.netop.com/fileadmin/netop/resources/products/administration/remote_control/release_notes/NetopRemoteControl_12.51_ModificationNotes_final.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •