Vulnerability Note VU#735364
HP System Management Homepage contains a command injection vulnerability
HP System Management Homepage contains a command injection vulnerability (CWE-77) that may result in arbitrary command execution and privilege escalation.
Markus Wulftange from Daimler TSS reports:
The vulnerability is located in the `ginkgosnmp.inc` PHP file in the `C:\hp\hpsmh\data\smhutil` or `/opt/hp/hpsmh/data/smhutil` directory, respectively. Inside the `ginkgosnmp.inc` script, the last path segment of the current requested URL path is used in an `exec` call without proper escaping:
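An added illustration of the pattern the report describes and one way to close it; this is not HP's code and not the reporter's, and the real `ginkgosnmp.inc` is not reproduced here. The function names and the placeholder tool name are assumptions; the fix shown is allowlist validation of the last URL path segment plus `escapeshellarg()` before anything reaches the shell.

```php
<?php
// Illustrative reconstruction (assumption), not the actual HP source.

// Return the last segment of the requested URL path, with the query
// string removed, e.g. "hostA" for "/smhutil/snmp/hostA?x=1".
function lastPathSegment(string $requestUri): string
{
    $path = parse_url($requestUri, PHP_URL_PATH);
    if (!is_string($path)) {
        $path = '';
    }
    $segments = explode('/', rtrim($path, '/'));
    return (string) end($segments);
}

// Insecure pattern: the user-controlled segment is concatenated straight
// into the command line, so shell metacharacters in the URL are interpreted.
// "example-snmp-tool" is a hypothetical stand-in for the real helper.
function buildCommandInsecure(string $requestUri): string
{
    return 'example-snmp-tool ' . lastPathSegment($requestUri);
}

// Hardened pattern: accept only what the segment is meant to contain
// (a host-name-like token), then quote it anyway as defence in depth.
// Returns null when the input must be rejected; the caller should answer
// with HTTP 400 and log the event rather than fall back to the raw value.
function buildCommandSafe(string $requestUri): ?string
{
    $segment = lastPathSegment($requestUri);
    if (!preg_match('/^[A-Za-z0-9._-]{1,64}$/', $segment)) {
        return null;
    }
    return 'example-snmp-tool ' . escapeshellarg($segment);
}

// Usage: only the validated, quoted command is ever handed to exec().
$cmd = buildCommandSafe($_SERVER['REQUEST_URI'] ?? '');
if ($cmd === null) {
    http_response_code(400);
    error_log('smhutil: rejected malformed path segment');
    exit;
}
exec($cmd, $output, $status);
```

Where the helper does not actually need a shell, passing an argument array to `proc_open()` (PHP 7.4 and later) removes the injection surface entirely rather than relying on quoting.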
A remote authenticated user may be able to run arbitrary commands on the HP System Management Homepage server.
Apply an Update
Restrict Network Access
Vendor Information
| Vendor | Status | Date Notified | Date Updated |
| --- | --- | --- | --- |
| Hewlett-Packard Company | Affected | 19 Apr 2013 | 10 Jun 2013 |
CVSS Metrics
Thanks to Markus Wulftange from Daimler TSS for reporting this vulnerability.
This document was written by Jared Allar.
- CVE IDs: CVE-2013-3576
- Date Public: 10 Jun 2013
- Date First Published: 11 Jun 2013
- Date Last Updated: 24 Sep 2013
- Document Revision: 18