CVE-2010-1554

HP OpenView Network Node Manager <7.53 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2010-1554. PoCs published by Metasploit, S2 Crew, MC, including Metasploit module exploits/windows/http/hp_nnm_getnnmdata_icount.

AI-analyzed exploit summary This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager via a malformed ICount parameter in a POST request to getnnmdata.exe. It uses SEH overwrites and alphanumeric shellcode to achieve remote code execution.

Description

Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/17040

This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager via a malformed ICount parameter in a POST request to getnnmdata.exe. It uses SEH overwrites and alphanumeric shellcode to achieve remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: HP OpenView Network Node Manager 7.50/7.53
No auth needed
Prerequisites: Network access to the target · Vulnerable version of HP OpenView Network Node Manager
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by S2 Crew · pythonremotewindows
https://www.exploit-db.com/exploits/14181

This exploit targets a buffer overflow in HP OpenView NNM's getnnmdata.exe CGI via a malformed ICount parameter. It uses an egghunter and shellcode to execute calc.exe, demonstrating remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: HP OpenView Network Node Manager 7.53
No auth needed
Prerequisites: Network access to the target · Vulnerable HP OpenView NNM instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
by MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hp_nnm_getnnmdata_icount.rb

This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager via a malformed ICount parameter in a POST request to getnnmdata.exe. It uses SEH overwrites and alphanumeric shellcode to achieve remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: HP OpenView Network Node Manager 7.50/7.53
No auth needed
Prerequisites: Network access to the target · Vulnerable version of HP OpenView Network Node Manager
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Mailing List vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=127360750704351&w=2
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8154
Third Party Advisory x_refsource_misc
http://zerodayinitiative.com/advisories/ZDI-10-085/
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/14181
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511249/100/0/threaded

Scores

EPSS 0.6779
EPSS Percentile 99.2%

Details

CWE
CWE-119
Status published
Products (3)
hp/openview_network_node_manager 7.0.1
hp/openview_network_node_manager 7.51 (5 CPE variants)
hp/openview_network_node_manager 7.53 (5 CPE variants)
Published May 13, 2010
Tracked Since Feb 18, 2026