HP Smart Storage Administrator (HP SSA) is a web-based application that helps an administrator configure, manage, diagnose, and monitor HP ProLiant Smart Array Controllers and other storage devices such as host bus adapters (HBAs) and HP Storage controllers.
A command injection vulnerability in HP Smart Storage Administrator allows remote attackers to execute arbitrary commands by sending a specially crafted query string in the URL of a GET request.
Update to HP Smart Storage Administrator v22.214.171.124 or later.
Anonymous access must be enabled.
Exploit requires the IO::Socket::SSL Perl module to be installed on the SAINTexploit host.