CVE-2011-3011

CA ARCserve D2D r15 - Exposure of Sensitive Information via Session Handling

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2011-3011. PoCs published by Metasploit, bannedit, rgod, including Metasploit module exploits/windows/http/ca_arcserve_rpc_authbypass.

AI-analyzed exploit summary This Metasploit module exploits an information disclosure vulnerability in CA Arcserve D2D r15 by sending a crafted GWT RPC request to retrieve Windows administrator credentials in cleartext. It then attempts to use these credentials for SMB authentication via psexec.

Description

BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/41707

This Metasploit module exploits an information disclosure vulnerability in CA Arcserve D2D r15 by sending a crafted GWT RPC request to retrieve Windows administrator credentials in cleartext. It then attempts to use these credentials for SMB authentication via psexec.

Classification
Working Poc 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: CA Arcserve D2D r15
No auth needed
Prerequisites: Network access to the target server on port 8014
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by bannedit, rgod · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ca_arcserve_rpc_authbypass.rb

This Metasploit module exploits an information disclosure vulnerability in CA Arcserve D2D r15 by sending a crafted RPC request to disclose Windows administrator credentials in cleartext, then attempts to authenticate via SMB using psexec.

Classification
Working Poc 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: CA Arcserve D2D r15
No auth needed
Prerequisites: Network access to the target server on port 8014
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8338
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/519234/100/0/threaded
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/48897

Scores

EPSS 0.7034
EPSS Percentile 98.7%

Details

CWE
CWE-200
Status published
Products (1)
ca/arcserve_d2d r15
Published Aug 15, 2011
Tracked Since Feb 18, 2026