Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-1866

CWE-119 — Buffer Overflow4 documents4 sources

Severity

10.0CRITICAL

EPSS

56.8%

top 1.87%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

HP Openview Storage Data Protector

Timeline

PublishedJul 1

Latest updateMay 14

Description

Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to execute arbitrary code via a crafted request, related to the EXEC_CMD functionality.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDhp/openview_storage_data_protector4 versions+3

🔴Vulnerability Details

GHSA

GHSA-686x-c2q2-h7xv: Buffer overflow in omniinet↗2022-05-14

▶

CVEList

CVE-2011-1866: Buffer overflow in omniinet↗2011-07-01

▶

💥Exploits & PoCs

Exploit-DB

HP Data Protector 6.20 - EXEC_CMD Buffer Overflow↗2011-06-30

▶