Scada Web Server
CVE-2015-1001
CRITICAL
Severity by source
AV:N/AC:L/Au:N/C:C/I:C/A:C
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:L/Au:N/C:C/I:C/A:C
Lifecycle Timeline
1DescriptionCVE.org
Multiple stack-based buffer overflows in IniNet embeddedWebServer (aka eWebServer) before 2.02 allow remote attackers to execute arbitrary code via a long field in an HTTP request.
AnalysisAI
Multiple stack-based buffer overflows in IniNet embeddedWebServer (aka eWebServer) before 2.02 allow remote attackers to execute arbitrary code via a long field in an HTTP request. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Multiple stack-based buffer overflows in IniNet embeddedWebServer (aka eWebServer) before 2.02 allow remote attackers to execute arbitrary code via a long field in an HTTP request. Affected products include: Ininet Solutions Scada Web Server. Version information: before 2.02.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
More in Scada Web Server
View allA Directory Traversal issue was discovered in SpiderControl SCADA Web Server. Rated high severity (CVSS 7.5), this vulne
IniNet embeddedWebServer (aka eWebServer) before 2.02 mishandles URL encoding, which allows remote attackers to write to
Directory traversal vulnerability in IniNet embeddedWebServer (aka eWebServer) before 2.02 allows remote attackers to re
IniNet embeddedWebServer (aka eWebServer) before 2.02 for Windows CE uses cleartext for password storage, which allows c
Same weakness CWE-119 – Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today