CVE-2010-1553

HP OpenView Network Node Manager <7.53 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2010-1553. PoCs published by Metasploit, S2 Crew, MC, including Metasploit module exploits/windows/http/hp_nnm_getnnmdata_maxage.

AI-analyzed exploit summary This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager via a maliciously crafted MaxAge parameter in a POST request to getnnmdata.exe. It leverages SEH overwrites and alphanumeric shellcode to achieve remote code execution.

Description

Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/17042

This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager via a maliciously crafted MaxAge parameter in a POST request to getnnmdata.exe. It leverages SEH overwrites and alphanumeric shellcode to achieve remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: HP OpenView Network Node Manager 7.50/7.53
No auth needed
Prerequisites: Network access to the target's web interface · Vulnerable version of HP OpenView Network Node Manager
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by S2 Crew · pythonremotewindows
https://www.exploit-db.com/exploits/14180

This exploit targets a buffer overflow vulnerability in HP OpenView NNM's getnnmdata.exe CGI. It uses a crafted POST request with a malicious MaxAge parameter to trigger remote code execution via shellcode (calc.exe).

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: HP OpenView Network Node Manager 7.53
No auth needed
Prerequisites: Network access to the target · Vulnerable version of HP OpenView NNM
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
by MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hp_nnm_getnnmdata_maxage.rb

This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager via a crafted MaxAge parameter in a POST request to getnnmdata.exe, allowing arbitrary code execution. It uses SEH overwrites and alphanumeric shellcode for reliability.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: HP OpenView Network Node Manager 7.50/7.53
No auth needed
Prerequisites: Network access to the target · Vulnerable version of HP OpenView Network Node Manager
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Mailing List vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=127360750704351&w=2
Third Party Advisory x_refsource_misc
http://zerodayinitiative.com/advisories/ZDI-10-084/
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511241/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8153

Scores

EPSS 0.7217
EPSS Percentile 99.4%

Details

CWE
CWE-119
Status published
Products (3)
hp/openview_network_node_manager 7.0.1
hp/openview_network_node_manager 7.51 (5 CPE variants)
hp/openview_network_node_manager 7.53 (5 CPE variants)
Published May 13, 2010
Tracked Since Feb 18, 2026