CVE-2010-4142
Realflex Realwin - Memory Corruption
Title source: ruleDescription
Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build 6.1.8.10 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) SCPC_INITIALIZE, (2) SCPC_INITIALIZE_RF, or (3) SCPC_TXTEVENT packet. NOTE: it was later reported that 1.06 is also affected by one of these requests.
Exploits (8)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16383
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16382
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16384
exploitdb
WORKING POC
VERIFIED
by blake · pythonremotewindows
https://www.exploit-db.com/exploits/15337
exploitdb
WORKING POC
VERIFIED
by Luigi Auriemma · textdoswindows
https://www.exploit-db.com/exploits/15259
metasploit
WORKING POC
GREAT
by Luigi Auriemma, MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/realwin_scpc_txtevent.rb
metasploit
WORKING POC
GREAT
by Luigi Auriemma, MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/realwin_scpc_initialize.rb
metasploit
WORKING POC
GREAT
by Luigi Auriemma, MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/realwin_scpc_initialize_rf.rb
Scores
EPSS
0.4908
EPSS Percentile
97.8%
Details
CWE
CWE-119
Status
published
Products (2)
realflex/realwin
1.06
realflex/realwin
2.0
Published
Nov 02, 2010
Tracked Since
Feb 18, 2026