CVE-2011-4881

atvise webMI2ADS < 2.0.2 - Denial of Service via Crafted HTTP Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4881.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in atvise webMI2ADS, including directory traversal, NULL pointer dereference, remote shutdown, and resource consumption via crafted HTTP requests. It provides functional commands and tools to trigger these issues.

Description

The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly check return values from functions, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted HTTP request.

Exploits (1)

exploitdb WORKING POC

doswindows

https://www.exploit-db.com/exploits/17963

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in atvise webMI2ADS, including directory traversal, NULL pointer dereference, remote shutdown, and resource consumption via crafted HTTP requests. It provides functional commands and tools to trigger these issues.

Classification

Working Poc 95%

Attack Type

Dos | Info Leak | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: atvise webMI2ADS <= 1.0

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK

T1006 - Direct Volume Access T1499 - Endpoint Denial of Service T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1

Core References

US Government Resource x_refsource_misc

http://www.us-cert.gov/control_systems/pdf/ICSA-12-102-01.pdf

Scores

EPSS 0.0762

EPSS Percentile 93.8%

Details

Status published

Products (3)

atvise/webmi2ads 1.0

atvise/webmi2ads 2.0

atvise/webmi2ads < 2.0.1

Published Apr 13, 2012

Tracked Since Feb 18, 2026