Vulnerability Description
Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to execute arbitrary programs via ..\ (dot dot backslash) sequences in opcodes (1) 0xa and (2) 0x17 to TCP port 12397.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 7T | Igss | All versions |
Related Weaknesses (CWE)
References
- http://aluigi.org/adv/igss_8-adv.txt
- http://secunia.com/advisories/43849Vendor Advisory
- http://www.exploit-db.com/exploits/17024Exploit
- http://www.securityfocus.com/bid/46936Exploit
- http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-03.pdfUS Government Resource
- http://www.vupen.com/english/advisories/2011/0741Vendor Advisory
- http://aluigi.org/adv/igss_8-adv.txt
- http://secunia.com/advisories/43849Vendor Advisory
- http://www.exploit-db.com/exploits/17024Exploit
- http://www.securityfocus.com/bid/46936Exploit
- http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-03.pdfUS Government Resource
- http://www.vupen.com/english/advisories/2011/0741Vendor Advisory
FAQ
What is CVE-2011-1566?
CVE-2011-1566 is a vulnerability with a CVSS score of 10.0 (HIGH). Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to execute arbitrary programs via ..\ (dot dot...
How severe is CVE-2011-1566?
CVE-2011-1566 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1566?
Check the references section above for vendor advisories and patch information. Affected products include: 7T Igss.