Skip to main content
CVE-2013-3576 CRITICAL POC THREAT Emergency

ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 46.3%.

PHP Command Injection HP System Management Homepage
NVD Exploit-DB
CVSS 2.0
9.0
EPSS
46.3%
Threat
4.7
CVE-2013-2338 CRITICAL Act Now

Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 22.2% and no vendor patch available.

HP RCE Integrated Lights Out 3 Firmware Integrated Lights Out 4 Firmware
NVD
CVSS 2.0
10.0
EPSS
22.2%
CVE-2013-3573 CRITICAL Act Now

HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection HP Insight Diagnostics
NVD
CVSS 2.0
10.0
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy