Measuresoft: >> Scadapro >> 2.4.1 Security Vulnerabilities
Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command.
CVSS Score
10.0
EPSS Score
0.185
Published
2011-09-16
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command.
CVSS Score
10.0
EPSS Score
0.188
Published
2011-09-16
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method.
CVSS Score
10.0
EPSS Score
0.722
Published
2011-09-16
Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long command to port 11234, as demonstrated with the TF command.
CVSS Score
10.0
EPSS Score
0.25
Published
2011-09-16