This Metasploit module exploits a path traversal flaw in the HP ProCurve Manager SNAC Server. The vulnerability in the UpdateDomainControllerServlet allows an attacker to upload arbitrary files, just having into account binary writes aren't allowed. Additionally, authentication can be bypassed in order to upload the file. This Metasploit module has been tested successfully on the SNAC server installed with HP ProCurve Manager 4.0.
HP ProCurve Manager SNAC UpdateDomainControllerServlet Code Execution (CVE-2013-4811)
HP PCM+ SNAC Registration Server UpdateDomainControllerServlet Remote Code Execution Vulnerability
HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload
HP PCM+ SNAC Registration Server UpdateDomainControllerServlet File Upload
HP ProCurve Manager multiple security vulnerabilities
HP ProCurve Manager, HP Identity Driven Manager multiple security vulnerabilities
[security bulletin] HPSBPV02918 rev.2 - HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM), SQL Injection, Remote Code Execution, Session Reuse