Vulnerabilities > CVE-2014-2623 - Remote Code Execution vulnerability in HP Storage Data Protector 8.0/8.10

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
hp
critical
exploit available
metasploit
NVD
Published: 2014-07-18
Updated: 2017-01-07

Summary

Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown vectors. Per: https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04373818-2%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken "HP Storage Data Protector v8.X running on Windows 2003/2008/7/8"

Vulnerable Configurations

Part Description Count
Application
Hp
8

Exploit-Db

  • descriptionHP Data Protector 8.10 Remote Command Execution. CVE-2014-2623. Remote exploit for windows platform
    fileexploits/windows/remote/36304.rb
    idEDB-ID:36304
    last seen2016-02-04
    modified2015-03-06
    platformwindows
    port5555
    published2015-03-06
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/36304/
    titleHP Data Protector 8.10 Remote Command Execution
    typeremote
  • descriptionHP Data Protector 8.x - Remote Command Execution. CVE-2014-2623. Remote exploit for hp-ux platform
    fileexploits/hp-ux/remote/35961.py
    idEDB-ID:35961
    last seen2016-02-04
    modified2015-01-30
    platformhp-ux
    port
    published2015-01-30
    reporterJuttikhun Khamchaiyaphum
    sourcehttps://www.exploit-db.com/download/35961/
    titleHP Data Protector 8.x - Remote Command Execution
    typeremote
  • descriptionHP Data Protector Manager 8.10 - Remote Command Execution. CVE-2014-2623. Remote exploit for windows platform
    fileexploits/windows/remote/34066.py
    idEDB-ID:34066
    last seen2016-02-03
    modified2014-07-14
    platformwindows
    port
    published2014-07-14
    reporterPolunchis
    sourcehttps://www.exploit-db.com/download/34066/
    titleHP Data Protector Manager 8.10 - Remote Command Execution
    typeremote

Metasploit

descriptionThis module exploits a remote command execution on HP Data Protector 8.10. Arbitrary commands can be executed by sending crafted requests with opcode 28 to the OmniInet service listening on the TCP/5555 port. Since there is a strict length limitation on the command, rundll32.exe is executed, and the payload is provided through a DLL by a fake SMB server. This module has been tested successfully on HP Data Protector 8.1 on Windows 7 SP1.
idMSF:EXPLOIT/WINDOWS/MISC/HP_DATAPROTECTOR_CMD_EXEC
last seen2020-06-05
modified2017-09-14
published2015-03-04
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/misc/hp_dataprotector_cmd_exec.rb
titleHP Data Protector 8.10 Remote Command Execution

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/130658/hp_dataprotector_cmd_exec.rb.txt
idPACKETSTORM:130658
last seen2016-12-05
published2015-03-05
reporterChristian Ramirez
sourcehttps://packetstormsecurity.com/files/130658/HP-Data-Protector-8.10-Remote-Command-Execution.html
titleHP Data Protector 8.10 Remote Command Execution

Saint

  • bid68672
    descriptionHP Data Protector Unauthenticated Remote Code Execution
    idnet_openview_hpdataprot
    osvdb109069
    titlehp_data_protector_tesertest
    typeremote
  • bid68672
    descriptionHP Data Protector Windows Unauthenticated Remote Code Execution
    idnet_openview_hpdataprot
    osvdb109069
    titlehp_data_protector_perl
    typeremote

Seebug

bulletinFamilyexploit
descriptionNo description provided by source.
idSSV:89446
last seen2017-11-19
modified2015-09-17
published2015-09-17
sourcehttps://www.seebug.org/vuldb/ssvid-89446
titleHP Data Protector 8.x - Remote Command Execution

References