CVE-2009-1422

HP ProCurve Threat Management Services <ST.1.0.090213 - Privilege E...

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-1422. PoCs published by anonymous.

AI-analyzed exploit summary The exploit describes a security-bypass vulnerability in HP ProCurve Threat Management Services zl Module. It involves loading a CRL list, saving the configuration, rebooting the module, and observing that the CRL is no longer available, effectively bypassing security restrictions.

Description

Unspecified vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213 and earlier allows remote attackers to gain privileges via unknown vectors, aka PR_41209.

Exploits (1)

exploitdb WRITEUP VERIFIED
by anonymous · textremotemultiple
https://www.exploit-db.com/exploits/33078

The exploit describes a security-bypass vulnerability in HP ProCurve Threat Management Services zl Module. It involves loading a CRL list, saving the configuration, rebooting the module, and observing that the CRL is no longer available, effectively bypassing security restrictions.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: HP ProCurve Threat Management Services zl Module J9155A running vST.1.0.090213 firmware or prior
Auth required
Prerequisites: Access to the VPN-->Certificates-->CRL page · Ability to save the configuration and reboot the module
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3
Core References
Patch vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=124751363528317&w=2
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1869
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1022536

Scores

EPSS 0.0814
EPSS Percentile 92.3%

Details

Status published
Products (1)
hp/procurve_threat_management_services_zl_module < st.1.0.090213
Published Jul 14, 2009
Tracked Since Feb 18, 2026