CVE-2010-20112
Published 2025-08-21
Priority: P2 · 63 · critical · 9.3 (CVSS 4.0)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EXPLOIT
EPSS: 1.05% (59.9th percentile)
Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by improper handling of HTTP GET parameters. Specifically, the application fails to enforce bounds on input supplied to the app parameter, allowing excessive data to overwrite memory structures including the Structured Exception Handler (SEH). Additionally, malformed parameter names followed by an equals sign may result in unintended control flow behavior. This vulnerability is exposed through IIS and affects legacy Windows deployments.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| amlib | amlibweb_library_management_system | — | — |
Detection & IOCs (extracted from sources)
- Monitor HTTP GET requests to webquery.dll where the 'app' parameter contains an abnormally long string — SEH overwrite vector for stack buffer overflow.
- Detect HTTP GET requests to webquery.dll containing an arbitrary parameter name immediately followed by an '=' sign with no recognized parameter name — secondary EIP overwrite vector.
- The vulnerability is exposed only when webquery.dll is deployed and accessible via IIS; non-IIS or non-Windows deployments are not affected.
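One way to apply the two monitoring items above to IIS W3C logs, as an added example that is not part of the original advisory or any vendor tooling. The length threshold, the parameter allowlist (the advisory names only app), and the sample log lines are assumptions constructed for illustration.

```python
# Added example: flags the two request patterns from the list above in IIS W3C logs.
# Assumptions (not from the advisory): the length threshold and the allowlist of
# parameter names; the advisory names only `app`. Tune both per deployment.
MAX_APP_LEN = 256
KNOWN_PARAMS = {"app"}

# Constructed log sample: addresses, paths and values are made up for the demo.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2025-01-01 10:00:00 192.0.2.10 GET /opac/webquery.dll app=demo 200
2025-01-01 10:00:05 192.0.2.11 GET /opac/webquery.dll app={long} 500
2025-01-01 10:00:09 192.0.2.12 GET /opac/WebQuery.dll {odd}= 500
2025-01-01 10:00:12 192.0.2.13 GET /default.htm - 200
""".format(long="A" * 600, odd="B" * 40)


def scan(log_text):
    """Return (line_no, client_ip, reason) for suspicious webquery.dll GETs."""
    fields, hits = [], []
    for n, line in enumerate(log_text.splitlines(), 1):
        if line.startswith("#Fields:"):
            fields = line.split()[1:]      # column names for the rows that follow
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        rec = dict(zip(fields, line.split()))
        if rec.get("cs-method") != "GET":
            continue
        if not rec.get("cs-uri-stem", "").lower().endswith("/webquery.dll"):
            continue
        query = rec.get("cs-uri-query", "-")
        if query == "-":                   # IIS logs "-" for an empty query string
            continue
        for pair in query.split("&"):
            name, eq, value = pair.partition("=")
            # Raw (still percent-encoded) length, so encoded padding counts too.
            if name.lower() == "app" and len(value) > MAX_APP_LEN:
                hits.append((n, rec.get("c-ip"), "long-app"))
            elif eq and name.lower() not in KNOWN_PARAMS:
                hits.append((n, rec.get("c-ip"), "unknown-param"))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Extend KNOWN_PARAMS with the parameter names your deployment legitimately uses before relying on the second check, otherwise every other parameter is reported.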
- https://advisories.checkpoint.com/defense/advisories/public/2013/cpai-2013-1344.html
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/amlibweb_webquerydll_app.rb
- https://www.amlib.co.uk/product/product.aspx?menuId=top_products
- https://www.exploit-db.com/exploits/16793
- https://www.fortiguard.com/encyclopedia/ips/24002
- https://www.vulncheck.com/advisories/amlibweb-netopacs-stack-buffer-overflow