Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2011-1566

Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to execute arbitrary programs via ..\ (dot dot backslash) sequences in opcodes (1) 0xa and (2) 0x17 to TCP port 12397.

Published

2011-04-05T15:19:36.040

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 10.0 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses

Type: Primary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	7t	igss	*	Yes

References

http://aluigi.org/adv/igss_8-adv.txt ([email protected])
http://secunia.com/advisories/43849 Vendor Advisory ([email protected])
http://www.exploit-db.com/exploits/17024 Exploit ([email protected])
http://www.securityfocus.com/bid/46936 Exploit ([email protected])
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-03.pdf US Government Resource ([email protected])
http://www.vupen.com/english/advisories/2011/0741 Vendor Advisory ([email protected])
http://aluigi.org/adv/igss_8-adv.txt (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/43849 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.exploit-db.com/exploits/17024 Exploit (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/46936 Exploit (af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-03.pdf US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0741 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)