Arbitrary Command Execution in Measuresoft ScadaPro 4.0.0 and Earlier

Arbitrary Command Execution in Measuresoft ScadaPro 4.0.0 and Earlier

CVE-2011-3496 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command.

Learn more about our Web Application Penetration Testing UK.