Remote Code Execution Vulnerability in HP Network Node Manager i
CVE-2014-2624

Currently unrated

Key Information:

Vendor: HP
Status: Network Node Manager I
Vendor: CVE Published:; 11 September 2014

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 77%

Summary

HP Network Node Manager i (NNMi) versions 9.0x, 9.1x, and 9.2x have a vulnerability that enables remote attackers to execute arbitrary code through unspecified vectors, leading to potential system compromise and unauthorized access. Users are advised to apply available patches to mitigate this risk.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Metasploit exploit module for CVE-2014-2624
Created by Rapid7

References

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

https://exchange.xforce.ibmcloud.com/vulnerabilities/95875

vdb-entryx_refsource_XF

http://www.securitytracker.com/id/1030827

vdb-entryx_refsource_SECTRACK

EPSS Score

77% chance of being exploited in the next 30 days.

Timeline

🟡
Public PoC available
Sep 24, 2014
👾
Exploit known to exist
Sep 24, 2014
Vulnerability published
Sep 11, 2014
Vulnerability Reserved
Mar 24, 2014