Hewlett-Packard Managed Printing Administrator mdbBuildValueBasedSQL() Remote Code Execution Vulnerability

ID ZDI-13-093
Type zdi
Reporter Andrea Micalizzi aka rgod
Modified 2013-11-09T00:00:00


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Managed Printing Administration. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the mdbBuildValueBasedSQL function inside the mdbObjectWrapper class. A remote, unauthenticated user can inject arbitrary SQL commands through a GET request, which could ultimately lead to arbitrary code execution in the context of the SYSTEM user.
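The defect class described above is a SQL statement assembled from request values by string concatenation. The following is an added illustration written for this page, not HP's code and not a reconstruction of mdbBuildValueBasedSQL (whose actual implementation is not shown here). It contrasts a value-based SQL builder that splices the value into the statement with one that restricts the table and column names to an allow-list and binds the value as a parameter, so that quotes or SQL keywords in a request parameter are treated as literal data. The table `printers`, its columns and the sample rows are constructed for the example.

```python
import sqlite3

# Constructed schema for the example: identifiers a request is allowed to name.
ALLOWED_TABLES = {"printers"}
ALLOWED_COLUMNS = {"printer_name", "location", "status"}


def build_value_sql_unsafe(table: str, column: str, value: str) -> str:
    """Builds a lookup statement by string concatenation.

    Defect (the pattern the advisory describes): the request-supplied value
    becomes part of the SQL text, so a quote character in it ends the string
    literal and whatever follows is parsed as SQL.
    """
    return f"SELECT id, {column} FROM {table} WHERE {column} = '{value}'"


def build_value_sql(table: str, column: str, value: str):
    """Hardened builder: allow-listed identifiers, parameterised value.

    Identifiers cannot be bound as parameters, so they are checked against a
    fixed set; the value never touches the SQL text and is passed to the driver
    separately as a bound parameter.
    """
    if table not in ALLOWED_TABLES:
        raise ValueError(f"table not permitted: {table!r}")
    if column not in ALLOWED_COLUMNS:
        raise ValueError(f"column not permitted: {column!r}")
    sql = f"SELECT id, {column} FROM {table} WHERE {column} = ?"
    return sql, (value,)


def setup_db() -> sqlite3.Connection:
    """In-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE printers (id INTEGER PRIMARY KEY, "
        "printer_name TEXT, location TEXT, status TEXT)"
    )
    conn.executemany(
        "INSERT INTO printers (printer_name, location, status) VALUES (?, ?, ?)",
        [
            ("LJ-4250-A", "Floor 1", "online"),
            ("LJ-4250-B", "Floor 2", "offline"),
            ("CLJ-5550", "Floor 2", "online"),
        ],
    )
    return conn


def lookup(conn: sqlite3.Connection, column: str, value: str):
    """Runs the hardened builder and returns matching (id, column) rows."""
    sql, params = build_value_sql("printers", column, value)
    return conn.execute(sql, params).fetchall()


if __name__ == "__main__":
    db = setup_db()
    # A request value containing a quote is matched literally, not parsed as SQL.
    hostile_looking = "Floor 2' OR '1'='1"
    print(lookup(db, "location", "Floor 2"))
    print(lookup(db, "location", hostile_looking))
    # The unsafe builder shows the value spliced directly into the statement text.
    print(build_value_sql_unsafe("printers", "location", hostile_looking))
```

The point of the comparison is the separation of code from data: the hardened builder still lets the request choose which column to filter on, but only from names the application itself defines, and the filter value reaches the database engine through the driver's parameter binding rather than through the statement text.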