CVE-2011-3497

Measuresoft ScadaPro < 4.0.0 - Remote Code Execution via XF Function


Exploitation Summary

EIP tracks 2 public exploits for CVE-2011-3497. PoCs published by Luigi Auriemma, including Metasploit module exploits/windows/scada/scadapro_cmdexe.

AI-analyzed exploit summary: This exploit demonstrates multiple vulnerabilities in Measuresoft ScadaPro, including arbitrary command execution, directory traversal, and stack overflows. The provided PoC includes commands to read files, create files, delete files, and execute arbitrary commands via DLL function calls.

Description

service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method.

Exploits (2)

exploitdb WORKING POC
by Luigi Auriemma · text · dos · windows
https://www.exploit-db.com/exploits/17844

This exploit demonstrates multiple vulnerabilities in Measuresoft ScadaPro, including arbitrary command execution, directory traversal, and stack overflows. The provided PoC includes commands to read files, create files, delete files, and execute arbitrary commands via DLL function calls.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Measuresoft ScadaPro <= 4.0.0
No auth needed
Prerequisites: Network access to port 11234
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC EXCELLENT
by Luigi Auriemma · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/scadapro_cmdexe.rb

This Metasploit module exploits a directory traversal vulnerability in Measuresoft ScadaPro to execute arbitrary commands via the 'xf' command, leveraging msvcrt.dll's system() function to download and execute a payload.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Measuresoft ScadaPro version 4.0.0 and earlier
No auth needed
Prerequisites: Network access to the target system · Target system running Measuresoft ScadaPro with vulnerable version
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8382

Scores

EPSS 0.7126
EPSS Percentile 98.7%

Details

CWE: CWE-200
Status: published
Products (45)
measuresoft/scadapro 2.1
measuresoft/scadapro 2.2
measuresoft/scadapro 2.3
measuresoft/scadapro 2.4
measuresoft/scadapro 2.4.1
measuresoft/scadapro 2.4.2
measuresoft/scadapro 2.4.3
measuresoft/scadapro 2.4.4
measuresoft/scadapro 2.4.5
measuresoft/scadapro 2.4.6
... and 35 more
Published Sep 16, 2011
Tracked Since Feb 18, 2026