CVE-2008-2390

HP Software Update - Remote Code Execution via Hpufunction.dll Execute Methods

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-2390. PoCs published by callAX.

AI-analyzed exploit summary: This exploit leverages insecure methods (ExecuteAsync and Execute) in HP Update Software to achieve remote code execution. The PoC demonstrates launching calc.exe via a malicious HTML page.

Description

Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe (1) ExecuteAsync and (2) Execute methods, which allows remote attackers to execute arbitrary code via an absolute pathname in the first argument.

Exploits (1)

exploitdb WORKING POC VERIFIED
by callAX · html · remote · windows
https://www.exploit-db.com/exploits/5511

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: HP Update Software (specific version not specified)
No auth needed
Prerequisites: Victim must visit a malicious webpage · HP Update Software with vulnerable ActiveX control installed
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_xf): https://exchange.xforce.ibmcloud.com/vulnerabilities/42249
Exploit, Third Party Advisory (exploit, x_refsource_exploit-db): https://www.exploit-db.com/exploits/5511

Scores

EPSS 0.0686
EPSS Percentile 93.2%

Details

CWE: CWE-94
Status: published
Products (1): hp/software_update 4.0.0.1
Published: May 21, 2008
Tracked Since: Feb 18, 2026