Vulnerabilities > CVE-2012-5201 - Unspecified vulnerability in HP products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1611.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 11 |
Exploit-Db
description | HP Intelligent Management Center Arbitrary File Upload. CVE-2012-5201. Remote exploit for windows platform |
id | EDB-ID:24891 |
last seen | 2016-02-03 |
modified | 2013-03-26 |
published | 2013-03-26 |
reporter | metasploit |
source | https://www.exploit-db.com/download/24891/ |
title | HP Intelligent Management Center Arbitrary File Upload |
Metasploit
description | This module exploits a code execution flaw in HP Intelligent Management Center. The vulnerability exists in the mibFileUpload which is accepting unauthenticated file uploads and handling zip contents in an insecure way. Combining both weaknesses a remote attacker can accomplish arbitrary file upload. This module has been tested successfully on HP Intelligent Management Center 5.1 E0202 over Windows 2003 SP2. |
id | MSF:EXPLOIT/WINDOWS/HTTP/HP_IMC_MIBFILEUPLOAD |
last seen | 2020-05-24 |
modified | 2017-09-14 |
published | 2013-03-24 |
references | |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/http/hp_imc_mibfileupload.rb |
title | HP Intelligent Management Center Arbitrary File Upload |
Nessus
NASL family | Gain a shell remotely |
NASL id | HP_IMC_52_E401.NASL |
description | The version of HP Intelligent Management Center running on the remote host is potentially affected by multiple vulnerabilities : - A cross-site scripting vulnerability exists in the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 65255 |
published | 2013-03-13 |
reporter | This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/65255 |
title | HP Intelligent Management Center < 5.2 E401 Multiple Vulnerabilities |
code |
|
Packetstorm
data source | https://packetstormsecurity.com/files/download/120949/hp_imc_mibfileupload.rb.txt |
id | PACKETSTORM:120949 |
last seen | 2016-12-05 |
published | 2013-03-26 |
reporter | rgod |
source | https://packetstormsecurity.com/files/120949/HP-Intelligent-Management-Center-Arbitrary-File-Upload.html |
title | HP Intelligent Management Center Arbitrary File Upload |
Saint
bid | 58385 |
description | HP Intelligent Management Center mibFileUpload Servlet Unrestricted File Creation |
osvdb | 91026 |
title | hp_imc_mibfileupload_servlet |
type | remote |