CVE-2013-6221 Information
Feb 14, 2021
cve
Description
Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1 when the AutoPass license server is enabled allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors aka ZDI-CAN-2031.
Reference
http://packetstormsecurity.com/files/127247/HP-AutoPass-License-Server-File-Upload.html http://www.exploit-db.com/exploits/33891 http://www.osvdb.org/107943 http://www.securitytracker.com/id/1030385 http://zerodayinitiative.com/advisories/ZDI-14-195/ https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hp_autopass_license_traversal.rb https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04333125
Share on: