### [CVE-2011-10012](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-10012)
![](https://img.shields.io/static/v1?label=Product&message=Remote%20Control%20Client&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=9.5%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-121%20Stack-based%20Buffer%20Overflow&color=brightgreen)

### Description

NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an attacker to execute arbitrary code when the file is opened.

### POC

#### Reference
- https://www.exploit-db.com/exploits/17223
- https://www.exploit-db.com/exploits/18697
- https://www.vulncheck.com/advisories/netop-remote-control-client-dws-file-buffer-overflow

#### Github
No PoCs found on GitHub currently.