CVE-2012-5049

Optimalog Optima PLC < 1.5.2 - Denial of Service via Malformed Packet

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-5049. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The document details two vulnerabilities in Optima APIFTP Server: a NULL pointer dereference via long path names and an endless loop caused by incomplete packets. It includes technical analysis and references external tools for exploitation.

Description

APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textdoswindows

https://www.exploit-db.com/exploits/18112

View Code ZIP pw:eip

The document details two vulnerabilities in Optima APIFTP Server: a NULL pointer dereference via long path names and an endless loop caused by incomplete packets. It includes technical analysis and references external tools for exploitation.

Classification

Writeup 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Optima APIFTP Server <= 1.5.2.13

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/55712

US Government Resource x_refsource_misc

http://www.us-cert.gov/control_systems/pdf/ICSA-12-271-02.pdf

Scores

EPSS 0.0343

EPSS Percentile 87.4%

Details

CWE

CWE-20

Status published

Products (5)

optimalog/optima_plc 1.4.9

optimalog/optima_plc 1.4.10

optimalog/optima_plc 1.5.0

optimalog/optima_plc 1.5.1

optimalog/optima_plc < 1.5.2

Published Sep 28, 2012

Tracked Since Feb 18, 2026