CyberSec.Space Logo
返回 CVE 浏览器

CVE-2011-3495

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0040%
EPSS Percentile5.18th
Published2011年9月16日
Last Modified2026年4月29日

Vulnerability Description

Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command.

Affected Platforms (CPE)

📦
Measuresoft

Scadapro

<= 4.0.0
📦
Measuresoft

Scadapro

= 2.1
📦
Measuresoft

Scadapro

= 2.2
📦
Measuresoft

Scadapro

= 2.3
📦
Measuresoft

Scadapro

= 2.4
📦
Measuresoft

Scadapro

= 2.4.1
📦
Measuresoft

Scadapro

= 2.4.2
📦
Measuresoft

Scadapro

= 2.4.3
📦
Measuresoft

Scadapro

= 2.4.4
📦
Measuresoft

Scadapro

= 2.4.5
📦
Measuresoft

Scadapro

= 2.4.6
📦
Measuresoft

Scadapro

= 2.5
📦
Measuresoft

Scadapro

= 2.5.1
📦
Measuresoft

Scadapro

= 2.5.2
📦
Measuresoft

Scadapro

= 2.5.3
📦
Measuresoft

Scadapro

= 2.5.4
📦
Measuresoft

Scadapro

= 2.5.5
📦
Measuresoft

Scadapro

= 2.6.0
📦
Measuresoft

Scadapro

= 2.7.0
📦
Measuresoft

Scadapro

= 2.7.1
📦
Measuresoft

Scadapro

= 2.7.2
📦
Measuresoft

Scadapro

= 2.8.0
📦
Measuresoft

Scadapro

= 2.9.0
📦
Measuresoft

Scadapro

= 3.1.0
📦
Measuresoft

Scadapro

= 3.2.8
📦
Measuresoft

Scadapro

= 3.2.9
📦
Measuresoft

Scadapro

= 3.3.0
📦
Measuresoft

Scadapro

= 3.3.1
📦
Measuresoft

Scadapro

= 3.3.2
📦
Measuresoft

Scadapro

= 3.9.0
📦
Measuresoft

Scadapro

= 3.9.1
📦
Measuresoft

Scadapro

= 3.9.2
📦
Measuresoft

Scadapro

= 3.9.3
📦
Measuresoft

Scadapro

= 3.9.4
📦
Measuresoft

Scadapro

= 3.9.5
📦
Measuresoft

Scadapro

= 3.9.6
📦
Measuresoft

Scadapro

= 3.9.7
📦
Measuresoft

Scadapro

= 3.9.8
📦
Measuresoft

Scadapro

= 3.9.9
📦
Measuresoft

Scadapro

= 3.9.10
📦
Measuresoft

Scadapro

= 3.9.11
📦
Measuresoft

Scadapro

= 3.9.12
📦
Measuresoft

Scadapro

= 3.9.13
📦
Measuresoft

Scadapro

= 3.9.14
📦
Measuresoft

Scadapro

= 3.9.15

References & Advisories

🔗 http://aluigi.altervista.org/adv/scadapro_1-adv.txt
🔗 http://securityreason.com/securityalert/8382
🔗 http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf
🔗 http://aluigi.altervista.org/adv/scadapro_1-adv.txt
🔗 http://securityreason.com/securityalert/8382
🔗 http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf

相关漏洞威胁

CVE-2011-349610.0

service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacte...

CVE-2011-349710.0

service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF functi...

CVE-2011-349010.0

Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a d...

CVE-2012-18247.2

Untrusted search path vulnerability in Measuresoft ScadaPro Client before 4.0.0 and ScadaPro Server before 4.0.0 allows local user...