CVE-2011-10012
published 2025-08-13CVE-2011-10012: NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a…
PriorityP349high8.4CVSS 4.0
AVLACLATNPRNUIAVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EXPLOIT
EPSS
0.40%
31.9th percentile
NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an attacker to execute arbitrary code when the file is opened.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netop | remote_control_client | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect stack-based buffer overflow trigger: monitor for .dws configuration files containing strings longer than 520 bytes being opened by the NetOp Remote Control Client process. ↗
- →A Metasploit module exists for this vulnerability targeting Windows file format exploitation; monitor for exploit framework activity against NetOp Remote Control Client 9.5. ↗
- ·Vulnerability is specific to NetOp Remote Control Client version 9.5 only; other versions are not confirmed affected. ↗
- ·The overflow is triggered only when the crafted string within the .dws file exceeds 520 bytes; payloads at or below this threshold will not trigger the vulnerability. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
https://netop.com/https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/netop.rbhttps://web.archive.org/web/20120314075913/https://codework-systems.com/netop-remotecontrol-10-01-released/https://www.exploit-db.com/exploits/17223https://www.exploit-db.com/exploits/18697https://www.fortiguard.com/encyclopedia/ips/27765/netop-remote-control-dws-file-handling-buffer-overflowhttps://www.vulncheck.com/advisories/netop-remote-control-client-dws-file-buffer-overflow
2025-08-13
Published