Vulners
Lucene search
HP System Management Homepage (SMH) v2.x.x.x - Open Redirect
| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
 | CVE-2010-1586 | 25 Apr 201000:00 | – | circl |
 | CVE-2010-1586 | 28 Apr 201022:00 | – | cve |
 | CVE-2010-1586 | 28 Apr 201022:00 | – | cvelist |
 | EUVD-2010-1613 | 7 Oct 202500:30 | – | euvd |
 | HP System Management Homepage < 6.2 Multiple Vulnerabilities | 17 Sep 201000:00 | – | nessus |
 | CVE-2010-1586 | 28 Apr 201022:30 | – | nvd |
 | HP/HPE System Management Homepage (SMH) 'RedirectUrl' URI Redirection Vulnerability (HPSBMA02583) | 5 May 201000:00 | – | openvas |
 | Open redirect | 28 Apr 201022:30 | – | prion |
 | [security bulletin] HPSBMA02583 SSRT100070 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote URL Redirection | 27 Sep 201000:00 | – | securityvulns |
| HP System Management Homepage multiple security vulnerabilities | 27 Sep 201000:00 | – | securityvulns |
10
id: CVE-2010-1586
info:
name: HP System Management Homepage (SMH) v2.x.x.x - Open Redirect
author: ctflearner
severity: medium
description: |
Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter.
impact: |
An attacker can exploit this vulnerability to redirect users to malicious websites, leading to potential phishing attacks or the download of malware.
remediation: |
Apply the latest patches or updates provided by HP to fix the open redirect vulnerability.
reference:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1586
- https://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58107
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N
cvss-score: 4.3
cve-id: CVE-2010-1586
cwe-id: CWE-20
epss-score: 0.10647
epss-percentile: 0.95228
cpe: cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: hp
product: system_management_homepage
tags: cve,cve2010,redirect,smh,hp,vuln
http:
- method: GET
path:
- "{{BaseURL}}/red2301.html?RedirectUrl=http://interact.sh"
matchers:
- type: regex
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:http?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
# digest: 4a0a004730450220792c46d9588137dd4145658a1b2825d57a236a62f6818fe0388f1defb13f947e022100dcb0de6e42472001ac09154a61f44fae17b272e4595ef8b2bbaac5761aff78a3:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Feb 2026 07:00Current
6Medium risk
Vulners AI Score6
CVSS 24.3
EPSS0.10647