CNNVD-202508-3659 Information

Aug 30, 2025 cve

CNNVD ID

CNNVD-202508-3659

CVE-2011-10032

  • CNNVD Published: 2025-08-30

Description (Chinese)

Sunway ForceControl是中国双威(Sunway)公司的一款工业监控组态软件。 Sunway ForceControl 6.1 SP3及之前版本存在安全漏洞,该漏洞源于SNMP NetDBServer服务对数据包解析时边界检查不足,可能导致栈缓冲区溢出和远程代码执行。

Description (English)

Sunway ForceControl is an industrial monitoring group software for Sunway China. The security gap in Sunway ForceControl 6.1 SP3 and previous versions stems from the lack of border checks when the SNMMP NetDBServer service resolves the data package, which may lead to spills and remote code implementation in the silo buffer zone.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

双威

Published

2025-08-30

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/sunway-forcecontrol-snmp-netdbserver-opcode https://www.fortiguard.com/encyclopedia/ips/29449 https://www.exploit-db.com/exploits/18448 http://www.sunwayland.com.cn/pro.asp https://web.archive.org/web/20110611043512/ https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/scada/sunway_force_control_netdbsrv.rb http://www.sunwayland.com/ http://aluigi.altervista.org/adv/forcecontrol_1-adv.txt https://nvd.nist.gov/vuln/detail/CVE-2011-10032 https://access.redhat.com/security/cve/cve-2011-10032

Share on: