CVE-2010-1961

HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow

Title source: metasploit
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-1961. PoCs published by Metasploit, jduck, including Metasploit module exploits/windows/http/hp_nnm_ovwebsnmpsrv_ovutil.

AI-analyzed exploit summary This Metasploit module exploits a stack-based buffer overflow in HP OpenView Network Node Manager 7.53 via a long 'arg' parameter in the 'jovgraph.exe' CGI program, allowing arbitrary code execution. The exploit uses either GET or POST requests to trigger the vulnerability.

Description

Buffer overflow in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified variables to jovgraph.exe, which are not properly handled in a call to the sprintf function.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/17044

This Metasploit module exploits a stack-based buffer overflow in HP OpenView Network Node Manager 7.53 via a long 'arg' parameter in the 'jovgraph.exe' CGI program, allowing arbitrary code execution. The exploit uses either GET or POST requests to trigger the vulnerability.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Racy
Target: HP OpenView Network Node Manager 7.53 prior to NNM_01203
No auth needed
Prerequisites: Network access to the target · Vulnerable version of HP OpenView Network Node Manager
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
by jduck · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_ovutil.rb

This Metasploit module exploits a stack-based buffer overflow in HP OpenView Network Node Manager 7.53 via a long 'arg' parameter in the 'jovgraph.exe' CGI program, allowing arbitrary code execution. The exploit leverages SEH overwrites and JMP ESP techniques to achieve RCE.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Racy
Target: HP OpenView Network Node Manager 7.53 prior to NNM_01203
No auth needed
Prerequisites: Network access to the vulnerable CGI endpoint · Target system running HP OpenView Network Node Manager 7.53
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Patch, Vendor Advisory vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=127602909915281&w=2
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-10-106/
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40101
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/59250
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/40638
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511731/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1024071

Scores

EPSS 0.6911
EPSS Percentile 99.3%

Details

CWE
CWE-119
Status published
Products (2)
hp/openview_network_node_manager 7.51 (5 CPE variants)
hp/openview_network_node_manager 7.53 (5 CPE variants)
Published Jun 10, 2010
Tracked Since Feb 18, 2026