CVE-2011-2963

Progea Movicon 11.2 - Unauthenticated Remote Code Execution and Denial of Service via TCP Port 10651

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-2963. PoCs published by Jeremy Brown.

AI-analyzed exploit summary This exploit targets Progea Movicon TCPUploadServer, allowing unauthenticated remote execution of arbitrary functions such as file deletion, program execution, and system crashes. It crafts specific packets to trigger these actions via a vulnerable TCP service on port 10651.

Description

TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Jeremy Brown · pythonremotewindows
https://www.exploit-db.com/exploits/17034

This exploit targets Progea Movicon TCPUploadServer, allowing unauthenticated remote execution of arbitrary functions such as file deletion, program execution, and system crashes. It crafts specific packets to trigger these actions via a vulnerable TCP service on port 10651.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Progea Movicon 11 TCPUploadServer
No auth needed
Prerequisites: Network access to the target system · TCPUploadServer running on port 10651
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/46907
Patch, US Government Resource x_refsource_misc
http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01A.pdf
Patch, US Government Resource x_refsource_misc
http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01.pdf
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/72888
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/17034

Scores

EPSS 0.0801
EPSS Percentile 94.0%

Details

CWE
CWE-287
Status published
Products (1)
progea/movicon 11.2
Published Jul 29, 2011
Tracked Since Feb 18, 2026