Cogent DataHub < 7.3.4 Malformed POST Request Buffer Overflow RCE

High Nessus Plugin ID 72486


The remote host is running an application that is affected by a remote code execution vulnerability.


The remote host is running a version of Cogent DataHub, formerly known as Cascade DataHub and OFC DataHub, that is prior to 7.3.4. It is, therefore, affected by a remote code execution vulnerability that is triggered when handling malformed POST query strings. An unauthenticated, remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code in the context of the DataHub process.


Upgrade to Cogent DataHub version 7.3.4 or later.

See Also

Plugin Details

Severity: High

ID: 72486

File Name: scada_cogent_datahub_7_3_4.nbin

Version: $Revision: 1.24 $

Type: remote

Family: SCADA

Published: 2014/02/13

Modified: 2018/01/29

Dependencies: 70556

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:cogentdatahub:cogent_datahub

Required KB Items: Settings/ParanoidReport, SCADA/cogent_datahub

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2013/10/21

Vulnerability Publication Date: 2013/11/24

Reference Information

BID: 63397

OSVDB: 98942

ZDI: ZDI-13-252