Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-1553

CWE-119Buffer Overflow6 documents5 sources
Severity
10.0CRITICAL
EPSS
83.9%
top 0.70%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
HP Openview Network Node Manager
Timeline
PublishedMay 13
Latest updateMay 14

Description

Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDhp/openview_network_node_manager7.0.1, 7.51, 7.53+2

🔴Vulnerability Details

2
GHSA
GHSA-qhfv-pjhr-x49x: Stack-based buffer overflow in getnnmdata2022-05-14
CVEList
CVE-2010-1553: Stack-based buffer overflow in getnnmdata2010-05-13

💥Exploits & PoCs

2
Exploit-DB
HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' (MaxAge) CGI Buffer Overflow (Metasploit)2011-03-24
Exploit-DB
HP OpenView Network Node Manager (OV NNM) - 'getnnmdata.exe' CGI Invalid MaxAge Remote Code Execution2010-07-02

💬Community

1
Bugzilla
CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554 t1lib various flaws [fedora-all]2012-01-10
CVE-2010-1553 (CRITICAL CVSS 10) | Stack-based buffer overflow in getn | cvebase.io