Scadapro
Vulnerabilities
5
Known exploited
0
Max CVSS
10
Top EPSS
0.58746
Severity breakdown
Critical
4
High
0
Medium
1
Low
0
Affected version ranges
≤ 4.0.0
Also matched as (raw): scadapro
Top vulnerabilities
CVE-2011-3497service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method.
CVE-2011-3496service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command.
CVE-2011-3495Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command.
CVE-2011-3490Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long command to port 11234, as demonstrated with the TF command.
CVE-2024-3746The entire parent directory - C:\ScadaPro and its sub-directories and
files are configured by default to allow user, including unprivileged
users, to write or overwrite files.