Arbitrary Code Execution Vulnerability in HP LoadRunner and Performance Center
CVE-2010-1549

Currently unrated

Key Information:

Vendor: HP
Status: Loadrunner; Performance Center
Vendor: CVE Published:; 7 May 2010

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 88%

What is CVE-2010-1549?

An unspecified vulnerability in the Agent of HP LoadRunner and HP Performance Center prior to version 9.50 allows remote attackers to execute arbitrary code. This poses a significant risk to the integrity and security of the affected systems, as it can be exploited through unknown vectors, leading to potential unauthorized actions and data breaches.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2010-1549 - Proof of Concept

References

http://www.securityfocus.com/archive/1/511146/100/0/threaded

vendor-advisoryx_refsource_HP

http://www.securityfocus.com/archive/1/511146/100/0/threaded

vendor-advisoryx_refsource_HP

http://seclists.org/bugtraq/2010/May/69

vendor-advisoryx_refsource_HP

EPSS Score

88% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
May 7, 2010
👾
Exploit known to exist
May 7, 2010
Vulnerability published
May 7, 2010
Vulnerability Reserved
Apr 26, 2010

CVE-2010-1549 Data

JSON