CVE-2011-1566

Опубликовано: 05 апр. 2011

Источник: nvd

CVSS2: 10

EPSS Высокий

Описание

Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to execute arbitrary programs via ..\ (dot dot backslash) sequences in opcodes (1) 0xa and (2) 0x17 to TCP port 12397.

Ссылки

http://aluigi.org/adv/igss_8-adv.txt
http://secunia.com/advisories/43849
Vendor Advisory
http://www.exploit-db.com/exploits/17024
Exploit
http://www.securityfocus.com/bid/46936
Exploit
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-03.pdf
US Government Resource
http://www.vupen.com/english/advisories/2011/0741
Vendor Advisory
http://aluigi.org/adv/igss_8-adv.txt
http://secunia.com/advisories/43849
Vendor Advisory
http://www.exploit-db.com/exploits/17024
Exploit
http://www.securityfocus.com/bid/46936
Exploit
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-03.pdf
US Government Resource
http://www.vupen.com/english/advisories/2011/0741
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:7t:igss:*:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.77663

Высокий

10 Critical

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-xcfw-vq92-pfw7

github

больше 3 лет назад