CVE-2007-5082

BrightStor Hierarchical Storage Manager - Remote Code Execution via CsAgent Service Command

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2007-5082. PoCs published by Metasploit, Nice Name Crew, toto, including Metasploit module exploits/windows/brightstor/hsmserver.

AI-analyzed exploit summary This is a Metasploit module exploiting a stack buffer overflow in CA BrightStor HSM via a crafted TCP request to port 2000. It leverages SEH overwrites and a hardcoded return address to achieve remote code execution.

Description

Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16402

This is a Metasploit module exploiting a stack buffer overflow in CA BrightStor HSM via a crafted TCP request to port 2000. It leverages SEH overwrites and a hardcoded return address to achieve remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: CA BrightStor HSM 11.5
No auth needed
Prerequisites: Network access to target port 2000 · Vulnerable version of CA BrightStor HSM
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Nice Name Crew · perldoswindows
https://www.exploit-db.com/exploits/4569

This exploit targets a remote stack-based overflow in CA BrightStor HSM <= r11.5. It sends a series of crafted packets to trigger the vulnerability, leading to a denial-of-service (DoS) condition.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: CA BrightStor HSM <= r11.5
No auth needed
Prerequisites: Network access to TCP port 2000 on the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
by toto · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/brightstor/hsmserver.rb

This Metasploit module exploits a stack buffer overflow in CA BrightStor HSM 11.5 via a crafted TCP request to port 2000, allowing arbitrary code execution. It uses a SEH bypass and a hardcoded return address in fpparser.dll.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: CA BrightStor HSM 11.5
No auth needed
Prerequisites: Network access to TCP port 2000 · Target running CA BrightStor HSM 11.5
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (10)

Core 10
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36825
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3275
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25823
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26914
Third Party Advisory third-party-advisory x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=601
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/480808/100/0/threaded
Vendor Advisory x_refsource_confirm
http://dvlabs.tippingpoint.com/advisory/TPTI-07-16
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1018747

Scores

EPSS 0.7285
EPSS Percentile 98.8%

Details

CWE
CWE-119
Status published
Products (1)
broadcom/brightstor_hierarchical_storage_manager 11.5
Published Oct 01, 2007
Tracked Since Feb 18, 2026