BroadWin WebAccess SCADA/HMI Client Remote Code Execution
| EKU-ID: 1213 | CVE: | OSVDB-ID: |
| Author: Snake | Published: 2011-10-31 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 1213 | CVE: | OSVDB-ID: |
| Author: Snake | Published: 2011-10-31 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
# Exploit Title: BroadWin WebAccess SCADA/HMI Client Remote Code
Execution Vulnerability [0day]
# Date: 11/30/2011
# Author: Snake ( Shahriyar.j < at > gmail )
# Tested on: XP SP3 , IE6
# CVE : NO-CVE
# just for fun
WebAccess is the first fully web browser-based software package for
human-machine interfaces (HMI), and supervisory control and data
acquisition (SCADA). bwocxrun.ocx ActiveX component is prone to
a remote code execution vulnerability by combination of some ActiveX
methods to creating a arbitrary file in arbitrary location.
the following exploit take advantage of windows WMI and .mof files
to execute arbitrary code on the target machine.
-Snake ( Shahriyar.j < at > gmail )
twitter.com/ponez
Exploit: http://www.exploit-db.com/sploits/18051.zip
Ref :
*http://broadwin.com/Client.htm
*http://www.exploit-db.com/exploits/17772/
*Metasploit Mof Generator