What is CVE-2011-0647?

CVE-2011-0647 is a vulnerability in Emc Networker_module, classified under Improper Input Validation. Published 2011-02-10.

Is CVE-2011-0647 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Emc Networker_module

CVE-2011-0647

The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.775 (99.0th percentile) — read the EPSS interpretation.

Affected products

Emc Networker_module — versions 2.1, 2.2
Emc Replication_manager — versions 2.0, 5.2, 5.2.2
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

rapid7/metasploit-framework

References

20110208 ESA-2011-004: EMC Replication Manager remote code execution vulnerability (mailing-list, x_refsource_BUGTRAQ)
43164 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
46235 (vdb-entry, x_refsource_BID)
replicationmanager-irccd-code-execution(65205) (vdb-entry, x_refsource_XF)
70853 (x_refsource_OSVDB, vdb-entry)
ADV-2011-0304 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
20110207 ZDI-11-061: EMC Replication Manager Client irccd.exe Remote Code Execution Vulnerability (mailing-list, x_refsource_BUGTRAQ)
security_alert@emc.com (x_refsource_MISC)

Frequently asked questions

What is CVE-2011-0647?: CVE-2011-0647 is a vulnerability in Emc Networker_module, classified under Improper Input Validation. Published 2011-02-10.
Is CVE-2011-0647 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.