What is CVE-2011-3495?

CVE-2011-3495 is a vulnerability in Measuresoft Scadapro, classified under Path Traversal. Published 2011-09-16.

Is CVE-2011-3495 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Measuresoft Scadapro

CVE-2011-3495

Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.056 (90.5th percentile) — read the EPSS interpretation.

Affected products

Measuresoft Scadapro — versions 2.1, 2.2, 2.3
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

8382 (x_refsource_SREASON, third-party-advisory)
cve@mitre.org (US Government Resource, x_refsource_MISC)
cve@mitre.org (Exploit, x_refsource_MISC)

Frequently asked questions

What is CVE-2011-3495?: CVE-2011-3495 is a vulnerability in Measuresoft Scadapro, classified under Path Traversal. Published 2011-09-16.
Is CVE-2011-3495 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.