CVE-2011-1566

Exploitation Summary

EIP tracks 4 public exploits for CVE-2011-1566. PoCs published by Metasploit, Luigi Auriemma, Luigi Auriemma, sinn3r, including Metasploit module exploits/windows/scada/igss9_misc.

AI-analyzed exploit summary This Metasploit module exploits a directory traversal flaw in Interactive Graphical SCADA System v9.00, allowing arbitrary command execution via opcode 0x17. It constructs a malicious packet to trigger command injection in the dc.exe process.

Description

Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to execute arbitrary programs via ..\ (dot dot backslash) sequences in opcodes (1) 0xa and (2) 0x17 to TCP port 12397.

Exploits (4)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/29129

View Code ZIP pw:eip

This Metasploit module exploits a directory traversal flaw in Interactive Graphical SCADA System v9.00, allowing arbitrary command execution via opcode 0x17. It constructs a malicious packet to trigger command injection in the dc.exe process.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Interactive Graphical SCADA System v9.00

No auth needed

Prerequisites: Network access to the target system on port 12397

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC

by Luigi Auriemma · textremotewindows

https://www.exploit-db.com/exploits/17024

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in IGSSdataServer.exe, including directory traversal and remote stack overflows via crafted packets sent to port 12401. Proof-of-concept code is provided for downloading, uploading, and executing arbitrary files, as well as triggering buffer overflows.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: IGSS (Interactive Graphical SCADA System) <= 9.00.00.11063

No auth needed

Prerequisites: Network access to port 12401 · IGSS project running

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by Luigi Auriemma, sinn3r · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/igss9_misc.rb

View Code ZIP pw:eip

This Metasploit module exploits CVE-2011-1565 and CVE-2011-1566 in 7-Technologies IGSS 9 by writing a payload via Write packets (opcode 0x0D) to the Data Server (port 12401) and executing it via an EXE packet (opcode 0x0A) to the Data Collector (port 12397).

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: 7-Technologies IGSS 9 Data Server/Collector

No auth needed

Prerequisites: Network access to ports 12401 and 12397 on the target system

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by Luigi Auriemma, MC · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/igss_exec_17.rb

View Code ZIP pw:eip

This Metasploit module exploits a directory traversal flaw in Interactive Graphical SCADA System v9.00, allowing arbitrary command execution via opcode 0x17 sent to the dc.exe process. The exploit constructs a malicious packet to trigger command injection.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Interactive Graphical SCADA System v9.00

No auth needed

Prerequisites: Network access to the target system on port 12397

MITRE ATT&CK