CVEs-PoC/2011/CVE-2011-3495.md

### [CVE-2011-3495](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3495)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command.

### POC

#### Reference
- http://aluigi.altervista.org/adv/scadapro_1-adv.txt
- http://securityreason.com/securityalert/8382

#### Github
No PoCs found on GitHub currently.