CVE-2011-0276

HP OpenView Performance Insight Server <5.4 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2011-0276. PoCs published by Metasploit, MC, including Metasploit module exploits/windows/http/hp_openview_insight_backdoor.

AI-analyzed exploit summary This Metasploit module exploits a hidden backdoor account in HP OpenView Performance Insight Server to upload a malicious JSP file, achieving remote code execution. It leverages hardcoded credentials and a file upload vulnerability in the HelpManagerServlet.

Description

HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16984

This Metasploit module exploits a hidden backdoor account in HP OpenView Performance Insight Server to upload a malicious JSP file, achieving remote code execution. It leverages hardcoded credentials and a file upload vulnerability in the HelpManagerServlet.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: HP OpenView Performance Insight Server 5.41.0
Auth required
Prerequisites: Network access to the target server · HP OpenView Performance Insight Server with default backdoor credentials
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hp_openview_insight_backdoor.rb

This Metasploit module exploits a hidden backdoor account in HP OpenView Performance Insight Server to upload a malicious JSP file, achieving remote code execution. It leverages hardcoded credentials and a file upload vulnerability in the HelpManagerServlet.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: HP OpenView Performance Insight Server 5.41.0
Auth required
Prerequisites: Network access to the target server · Target server running HP OpenView Performance Insight Server 5.41.0
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (11)

Core 11
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/70754
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-11-034
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/516093/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8136
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/16984
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1025014
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/65038
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43145
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0258
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/46079

Scores

EPSS 0.8243
EPSS Percentile 99.6%

Details

Status published
Products (5)
hp/openview_performance_insight 5.2
hp/openview_performance_insight 5.3
hp/openview_performance_insight 5.4
hp/openview_performance_insight 5.31
hp/openview_performance_insight 5.41
Published Feb 02, 2011
Tracked Since Feb 18, 2026