HP Intelligent Management Center (IMC), also known as HP iNode Management Center, is a comprehensive management platform for delivering integrated, modular network management capabilities.
HP IMC 5.1 E0202 and earlier is vulnerable to remote code execution as a result of the
**mibFileUpload** servlet allowing an unauthenticated remote attacker to create arbitrary files on the vulnerable server. A successful attacker could execute arbitrary code on the server in the context of the SYSTEM user.
Apply updates as directed in HP Security Bulletin HPSBGN02854 SSRT100881.
This exploit was tested against HP Intelligent Management Center v5.1 E0202 on Windows Server 2003 SP2 English and Windows Server 2008 SP2 with DEP OptOut.
The Perl module
**Archive::Zip** is required to run the exploit.