CVE-2014-2626

Currently unrated

Key Information:

Vendor: HP
Status: Network Virtualization
Vendor: CVE Published:; 26 July 2014

Summary

Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to create files, and consequently execute arbitrary code, via crafted input, aka ZDI-CAN-2024.

References

http://www.securitytracker.com/id/1030624

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/60418

third-party-advisoryx_refsource_SECUNIA

http://zerodayinitiative.com/advisories/ZDI-14-268/

x_refsource_MISC

EPSS Score

90% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 26, 2014
Vulnerability Reserved
Mar 24, 2014