CVE-2021-25140

A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. The HPE Moonshot Provisioning Manager is an application that is installed in a VMWare or Microsoft Hyper-V environment that is used to setup and configure an HPE Moonshot 1500 chassis. This...

HPE Moonshot Provisioning Manager Path Traversal Vulnerability

A path traversal vulnerability in HPE Moonshot Provisioning Manager prior to v1.20, which stems from incorrectly handling user input that results in traversing a directory triggering khuploadfile.cgi, can be exploited by an attacker to cause remote code execution, denial of service, and/or...

(0Day) Hewlett Packard Enterprise Moonshot Provisioning Manager khuploadfile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of Hewlett Packard Enterprise Moonshot Provisioning Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the khuploadfile.cgi binary. The issue results...

Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance khuploadfile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Moonshot Provisioning Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the khuploadfile.cgi file. The issue results...

Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance khuploadfile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Moonshot Provisioning Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the khuploadfile.cgi file. The issue results...