Published: 06/02/2012 Updated: 11/12/2012

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

webvrpcs.exe in Advantech/BroadWin WebAccess allows remote malicious users to execute arbitrary code or obtain a security-code value via a long string in an RPC request to TCP port 4592.

Vulnerable Product	Search on Vulmon	Subscribe to Product
broadwin webaccess

source: wwwsecurityfocuscom/bid/47008/info Advantech/BroadWin SCADA WebAccess is prone to multiple remote vulnerabilities including an information-disclosure issue and a remote code-execution issue An attacker can exploit these issues to execute arbitrary code and gain access to sensitive information Other attacks may also be possible ...

CWE-94 http://www.securityfocus.com/bid/47008 http://www.us-cert.gov/control_systems/pdf/ICSA-11-094-02A.pdf http://www.securityfocus.com/archive/1/517117 http://www.reversemode.com/downloads/exploit_advantech.zip http://www.reversemode.com/downloads/Scada_Trojans_Ruben_Rootedcon.pdf http://reversemode.com/index.php?option=com_content&task=view&id=72&Itemid=1 http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-081-01.pdf https://nvd.nist.gov https://www.exploit-db.com/exploits/35495/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-4041

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect