Remote Code Inclusion Vulnerability in HP Insight Diagnostics
CVE-2013-3575

Currently unrated

Key Information:

Vendor: HP
Status: Insight Diagnostics
Vendor: CVE Published:; 14 June 2013

Summary

The HP Insight Diagnostics version 9.4.0.4710 is susceptible to a remote code inclusion vulnerability due to improper handling of PHP include and require statements. This flaw allows remote attackers to manipulate the path parameters, enabling them to include and execute arbitrary HTML files from the server. As a result, this vulnerability poses significant risks to the integrity and security of the systems relying on this software.

References

http://www.kb.cert.org/vuls/id/324668

third-party-advisoryx_refsource_CERT-VN

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 14, 2013