CyberSec.Space Logo
Back to CVE Browser

CVE-2011-3496

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0330%
EPSS Percentile28.78th
PublishedSep 16, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command.

Affected Platforms (CPE)

πŸ“¦
Measuresoft

Scadapro

<= 4.0.0
πŸ“¦
Measuresoft

Scadapro

= 2.1
πŸ“¦
Measuresoft

Scadapro

= 2.2
πŸ“¦
Measuresoft

Scadapro

= 2.3
πŸ“¦
Measuresoft

Scadapro

= 2.4
πŸ“¦
Measuresoft

Scadapro

= 2.4.1
πŸ“¦
Measuresoft

Scadapro

= 2.4.2
πŸ“¦
Measuresoft

Scadapro

= 2.4.3
πŸ“¦
Measuresoft

Scadapro

= 2.4.4
πŸ“¦
Measuresoft

Scadapro

= 2.4.5
πŸ“¦
Measuresoft

Scadapro

= 2.4.6
πŸ“¦
Measuresoft

Scadapro

= 2.5
πŸ“¦
Measuresoft

Scadapro

= 2.5.1
πŸ“¦
Measuresoft

Scadapro

= 2.5.2
πŸ“¦
Measuresoft

Scadapro

= 2.5.3
πŸ“¦
Measuresoft

Scadapro

= 2.5.4
πŸ“¦
Measuresoft

Scadapro

= 2.5.5
πŸ“¦
Measuresoft

Scadapro

= 2.6.0
πŸ“¦
Measuresoft

Scadapro

= 2.7.0
πŸ“¦
Measuresoft

Scadapro

= 2.7.1
πŸ“¦
Measuresoft

Scadapro

= 2.7.2
πŸ“¦
Measuresoft

Scadapro

= 2.8.0
πŸ“¦
Measuresoft

Scadapro

= 2.9.0
πŸ“¦
Measuresoft

Scadapro

= 3.1.0
πŸ“¦
Measuresoft

Scadapro

= 3.2.8
πŸ“¦
Measuresoft

Scadapro

= 3.2.9
πŸ“¦
Measuresoft

Scadapro

= 3.3.0
πŸ“¦
Measuresoft

Scadapro

= 3.3.1
πŸ“¦
Measuresoft

Scadapro

= 3.3.2
πŸ“¦
Measuresoft

Scadapro

= 3.9.0
πŸ“¦
Measuresoft

Scadapro

= 3.9.1
πŸ“¦
Measuresoft

Scadapro

= 3.9.2
πŸ“¦
Measuresoft

Scadapro

= 3.9.3
πŸ“¦
Measuresoft

Scadapro

= 3.9.4
πŸ“¦
Measuresoft

Scadapro

= 3.9.5
πŸ“¦
Measuresoft

Scadapro

= 3.9.6
πŸ“¦
Measuresoft

Scadapro

= 3.9.7
πŸ“¦
Measuresoft

Scadapro

= 3.9.8
πŸ“¦
Measuresoft

Scadapro

= 3.9.9
πŸ“¦
Measuresoft

Scadapro

= 3.9.10
πŸ“¦
Measuresoft

Scadapro

= 3.9.11
πŸ“¦
Measuresoft

Scadapro

= 3.9.12
πŸ“¦
Measuresoft

Scadapro

= 3.9.13
πŸ“¦
Measuresoft

Scadapro

= 3.9.14
πŸ“¦
Measuresoft

Scadapro

= 3.9.15

References & Advisories

πŸ”— http://aluigi.altervista.org/adv/scadapro_1-adv.txt
πŸ”— http://securityreason.com/securityalert/8382
πŸ”— http://www.exploit-db.com/exploits/17848
πŸ”— http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf
πŸ”— http://aluigi.altervista.org/adv/scadapro_1-adv.txt
πŸ”— http://securityreason.com/securityalert/8382
πŸ”— http://www.exploit-db.com/exploits/17848
πŸ”— http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf

Related Vulnerabilities

CVE-2011-349510.0

Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to re...

CVE-2011-349710.0

service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF functi...

CVE-2011-349010.0

Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a d...

CVE-2012-18247.2

Untrusted search path vulnerability in Measuresoft ScadaPro Client before 4.0.0 and ScadaPro Server before 4.0.0 allows local user...