QwikSec

Security Database

CVE

CWE

Training

CVE-2011-10012

Published: Aug 13, 2025

Modified: Apr 7, 2026

PUBLISHED

Description

NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an attacker to execute arbitrary code when the file is opened.

Vendor	Product	Versions
NetOp	Remote Control Client	affected `9.5`

Weaknesses (CWE)

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/netop.rb

exploit

https://www.exploit-db.com/exploits/17223

exploit

https://www.exploit-db.com/exploits/18697

exploit

https://www.fortiguard.com/encyclopedia/ips/27765/netop-remote-control-dws-file-handling-buffer-overflow

third-party-advisory

https://netop.com/

product

https://web.archive.org/web/20120314075913/https://codework-systems.com/netop-remotecontrol-10-01-released/

patch

https://www.vulncheck.com/advisories/netop-remote-control-client-dws-file-buffer-overflow

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.