Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
7T Interactive Graphical SCADA System 'dc.exe' Command Injection Vulnerability
Information
Severity
Severity
Critical
Family
Family
Denial of Service
CVSSv2 Base
CVSSv2 Base
10.0
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
9 years ago
Modified
Modified
5 years ago
Summary
This host is installed with 7T Interactive Graphical SCADA System and is prone to remote command execution vulnerability.
Insight
Insight
Flaw is due to dc.exe not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 0xa and 0x17 opcodes.
Affected Software
Affected Software
Interactive Graphical SCADA System dc.exe <= 9.00.00.11059
Detection Method
Detection Method
Send a crafted request via and check whether it is able to execute the command remotely.
Solution
Solution
Upgrade to version 9.00.00.11083 or later.