CVE-2011-3493

Cogent DataHub <7.1.1.63 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2011-3493. PoCs published by mr_me, Luigi Auriemma.

AI-analyzed exploit summary This exploit targets a Unicode buffer overflow in Cogent DataHub <= v7.1.1.63, delivering a reverse shell on port 1337. It uses a crafted payload with alignment adjustments and shellcode to achieve remote code execution.

Description

Multiple stack-based buffer overflows in the DH_OneSecondTick function in Cogent DataHub 7.1.1.63 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) domain, (2) report_domain, (3) register_datahub, or (4) slave commands.

Exploits (2)

exploitdb WORKING POC VERIFIED

by mr_me · pythonremotewindows

https://www.exploit-db.com/exploits/17884

View Code ZIP pw:eip

This exploit targets a Unicode buffer overflow in Cogent DataHub <= v7.1.1.63, delivering a reverse shell on port 1337. It uses a crafted payload with alignment adjustments and shellcode to achieve remote code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Cogent DataHub <= v7.1.1.63

No auth needed

Prerequisites: Network access to target on port 4502 · Target running vulnerable version of Cogent DataHub

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC

by Luigi Auriemma · textdoswindows

https://www.exploit-db.com/exploits/17838

View Code ZIP pw:eip

This exploit targets a stack-based Unicode buffer overflow in Cogent DataHub's DH_OneSecondTick function via commands like 'domain' or 'register_datahub'. The PoC sends a crafted payload over port 4052 (or 4053 with SSL) to trigger the vulnerability.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Cogent DataHub <= 7.1.1.63

No auth needed

Prerequisites: network access to target ports (4052/4053)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit x_refsource_misc

http://aluigi.altervista.org/adv/cogent_1-adv.txt

US Government Resource x_refsource_misc

http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-03.pdf

Scores

EPSS 0.0778

EPSS Percentile 93.9%

Details

CWE

CWE-119

Status published

Products (5)

cogentdatahub/cogent_datahub 7.0

cogentdatahub/cogent_datahub 7.0.2

cogentdatahub/cogent_datahub 7.1.0

cogentdatahub/cogent_datahub 7.1.1

cogentdatahub/cogent_datahub < 7.1.1.63

Published Sep 16, 2011

Tracked Since Feb 18, 2026