CVE-2005-2773

Exploitation Summary

CVE-2005-2773 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 25, 2022. EIP tracks 3 public exploits from researchers including Metasploit, Lympex, including a Metasploit module exploits/unix/webapp/openview_connectednodes_exec.

AI-analyzed exploit summary This Metasploit module exploits a command injection vulnerability in HP OpenView's connectedNodes.ovpl CGI application by injecting arbitrary commands via the 'node' parameter. The payload is executed on the target system, and the output is captured and displayed.

Description

HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotelinux

https://www.exploit-db.com/exploits/16887

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in HP OpenView's connectedNodes.ovpl CGI application by injecting arbitrary commands via the 'node' parameter. The payload is executed on the target system, and the output is captured and displayed.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: HP OpenView connectedNodes.ovpl

No auth needed

Prerequisites: Network access to the target system · HP OpenView with vulnerable connectedNodes.ovpl CGI accessible

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Lympex · cremotemultiple

https://www.exploit-db.com/exploits/1188

View Code ZIP pw:eip

This exploit targets HP OpenView Network Node Manager (NNM) versions 6.2, 6.4, 7.01, and 7.50 by sending a crafted HTTP GET request to the '/OvCgi/connectedNodes.ovpl' endpoint with a command injection payload. The vulnerability allows remote command execution due to improper input validation in the 'node' parameter.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: HP OpenView Network Node Manager 6.2, 6.4, 7.01, 7.50

No auth needed

Prerequisites: Network access to the target system on port 3443

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

rubypocunix

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/openview_connectednodes_exec.rb

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in HP OpenView's connectedNodes.ovpl CGI application by injecting arbitrary commands via the 'node' parameter. The payload is executed on the target system, and the output is captured and displayed.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: HP OpenView connectedNodes.ovpl (versions affected by CVE-2005-2773)

No auth needed

Prerequisites: Network access to the vulnerable CGI application · Target system running HP OpenView with the vulnerable component

MITRE ATT&CK