cbcvebase.
CVE-2012-2986
published 2012-08-20

CVE-2012-2986: lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell…

PriorityP348high7.7CVSS 2.0
AVAACLAuSCCICAC
EXPLOIT
EPSS
4.42%
90.1th percentile
lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3) fourth parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4361.

Affected

1 ranges
VendorProductVersion rangeFixed in
hpsan_iq
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.