CVE-2010-1552

HP OpenView Network Node Manager <7.53 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-1552. PoCs published by Metasploit, jduck, including Metasploit module exploits/windows/http/hp_nnm_snmpviewer_actapp.

AI-analyzed exploit summary This Metasploit module exploits a stack-based buffer overflow in HP OpenView Network Node Manager's snmpviewer.exe via crafted HTTP requests with oversized 'act' and 'app' parameters, leading to arbitrary code execution by overwriting SEH.

Description

Stack-based buffer overflow in the doLoad function in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the act and app parameters.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/17039

This Metasploit module exploits a stack-based buffer overflow in HP OpenView Network Node Manager's snmpviewer.exe via crafted HTTP requests with oversized 'act' and 'app' parameters, leading to arbitrary code execution by overwriting SEH.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: HP OpenView Network Node Manager 7.53 prior to NNM_01203
No auth needed
Prerequisites: Network access to the vulnerable HP OpenView Network Node Manager instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
by jduck · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hp_nnm_snmpviewer_actapp.rb

This Metasploit module exploits a stack-based buffer overflow in HP OpenView Network Node Manager 7.53 via a crafted HTTP request to snmpviewer.exe. It leverages SEH overwrites to achieve remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: HP OpenView Network Node Manager 7.53 prior to NNM_01203
No auth needed
Prerequisites: Network access to the vulnerable HP OpenView NNM server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Mailing List vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=127360750704351&w=2
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8157
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511248/100/0/threaded
Third Party Advisory x_refsource_misc
http://zerodayinitiative.com/advisories/ZDI-10-083/

Scores

EPSS 0.6889
EPSS Percentile 99.3%

Details

CWE
CWE-119
Status published
Products (3)
hp/openview_network_node_manager 7.0.1
hp/openview_network_node_manager 7.51 (5 CPE variants)
hp/openview_network_node_manager 7.53 (5 CPE variants)
Published May 13, 2010
Tracked Since Feb 18, 2026