CyberSec.Space Logo
Back to CVE Browser

CVE-2011-3495

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0040%
EPSS Percentile5.18th
PublishedSep 16, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command.

Affected Platforms (CPE)

πŸ“¦
Measuresoft

Scadapro

<= 4.0.0
πŸ“¦
Measuresoft

Scadapro

= 2.1
πŸ“¦
Measuresoft

Scadapro

= 2.2
πŸ“¦
Measuresoft

Scadapro

= 2.3
πŸ“¦
Measuresoft

Scadapro

= 2.4
πŸ“¦
Measuresoft

Scadapro

= 2.4.1
πŸ“¦
Measuresoft

Scadapro

= 2.4.2
πŸ“¦
Measuresoft

Scadapro

= 2.4.3
πŸ“¦
Measuresoft

Scadapro

= 2.4.4
πŸ“¦
Measuresoft

Scadapro

= 2.4.5
πŸ“¦
Measuresoft

Scadapro

= 2.4.6
πŸ“¦
Measuresoft

Scadapro

= 2.5
πŸ“¦
Measuresoft

Scadapro

= 2.5.1
πŸ“¦
Measuresoft

Scadapro

= 2.5.2
πŸ“¦
Measuresoft

Scadapro

= 2.5.3
πŸ“¦
Measuresoft

Scadapro

= 2.5.4
πŸ“¦
Measuresoft

Scadapro

= 2.5.5
πŸ“¦
Measuresoft

Scadapro

= 2.6.0
πŸ“¦
Measuresoft

Scadapro

= 2.7.0
πŸ“¦
Measuresoft

Scadapro

= 2.7.1
πŸ“¦
Measuresoft

Scadapro

= 2.7.2
πŸ“¦
Measuresoft

Scadapro

= 2.8.0
πŸ“¦
Measuresoft

Scadapro

= 2.9.0
πŸ“¦
Measuresoft

Scadapro

= 3.1.0
πŸ“¦
Measuresoft

Scadapro

= 3.2.8
πŸ“¦
Measuresoft

Scadapro

= 3.2.9
πŸ“¦
Measuresoft

Scadapro

= 3.3.0
πŸ“¦
Measuresoft

Scadapro

= 3.3.1
πŸ“¦
Measuresoft

Scadapro

= 3.3.2
πŸ“¦
Measuresoft

Scadapro

= 3.9.0
πŸ“¦
Measuresoft

Scadapro

= 3.9.1
πŸ“¦
Measuresoft

Scadapro

= 3.9.2
πŸ“¦
Measuresoft

Scadapro

= 3.9.3
πŸ“¦
Measuresoft

Scadapro

= 3.9.4
πŸ“¦
Measuresoft

Scadapro

= 3.9.5
πŸ“¦
Measuresoft

Scadapro

= 3.9.6
πŸ“¦
Measuresoft

Scadapro

= 3.9.7
πŸ“¦
Measuresoft

Scadapro

= 3.9.8
πŸ“¦
Measuresoft

Scadapro

= 3.9.9
πŸ“¦
Measuresoft

Scadapro

= 3.9.10
πŸ“¦
Measuresoft

Scadapro

= 3.9.11
πŸ“¦
Measuresoft

Scadapro

= 3.9.12
πŸ“¦
Measuresoft

Scadapro

= 3.9.13
πŸ“¦
Measuresoft

Scadapro

= 3.9.14
πŸ“¦
Measuresoft

Scadapro

= 3.9.15

References & Advisories

πŸ”— http://aluigi.altervista.org/adv/scadapro_1-adv.txt
πŸ”— http://securityreason.com/securityalert/8382
πŸ”— http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf
πŸ”— http://aluigi.altervista.org/adv/scadapro_1-adv.txt
πŸ”— http://securityreason.com/securityalert/8382
πŸ”— http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf

Related Vulnerabilities

CVE-2011-349610.0

service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacte...

CVE-2011-349710.0

service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF functi...

CVE-2011-349010.0

Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a d...

CVE-2012-18247.2

Untrusted search path vulnerability in Measuresoft ScadaPro Client before 4.0.0 and ScadaPro Server before 4.0.0 allows local user...