HP StorageWorks P4000 Virtual SAN Appliance Command Execution

2012-05-19T19:53:45
ID MSF:EXPLOIT/MULTI/MISC/HP_VSA_EXEC
Type metasploit
Reporter Rapid7
Modified 2020-10-02T20:00:37

Description

This module exploits a vulnerability found in HP's StorageWorks P4000 VSA on versions prior to 9.5. By using a default account credential, it is possible to inject arbitrary commands as part of a ping request via port 13838.