2 matches found
HP Data Protector 6 EXEC_CMD Remote Code Execution
This exploit abuses a vulnerability in the HP Data Protector service. This flaw allows an unauthenticated attacker to take advantage of the EXECCMD command and traverse back to /bin/sh, this allows arbitrary remote code execution under the context of root. This module requires Metasploit:...
HP Data Protector Client EXEC_CMD Command Execution (CVE-2011-0923)
A remote code execution vulnerability has been reported in HP Data Protector. The vulnerability is due to insufficient input validation of arguments passed to the EXECCMD command. A remote attacker may exploit this vulnerability by sending a specially crafted request to an affected Data Protector...