CVE-2012-0124

HP Data Protector Express 5.0.00-59287 and 6.0.00-11974 - Remote Code Execution or Denial of Service

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2012-0124. PoCs published by Metasploit, juan vazquez, sinn3r, including Metasploit module exploits/windows/misc/hp_dataprotector_new_folder.

AI-analyzed exploit summary This is a Metasploit module exploiting a stack buffer overflow in HP Data Protector 5 via insecure handling of folder names in dpwindtb.dll. It uses SEH overwrite and egg hunting to achieve remote code execution.

Description

Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/19484

View Code ZIP pw:eip

This is a Metasploit module exploiting a stack buffer overflow in HP Data Protector 5 via insecure handling of folder names in dpwindtb.dll. It uses SEH overwrite and egg hunting to achieve remote code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: HP Data Protector Express 5.0.00.59287

Auth required

Prerequisites: Network access to port 3817 · Valid credentials (default 'Admin' with empty password)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC NORMAL

by juan vazquez, sinn3r · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/hp_dataprotector_new_folder.rb

View Code ZIP pw:eip

This Metasploit module exploits a stack buffer overflow in HP Data Protector Express (CVE-2012-0124) by sending a maliciously crafted folder creation request. It uses SEH overwrite and egghunting techniques to achieve remote code execution with SYSTEM privileges.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: HP Data Protector Express 5.0.00.59287 / 6.0.00.11974

Auth required

Prerequisites: Network access to HP Data Protector Express service (port 3817) · Valid credentials (default 'Admin' with empty password)

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp

http://www.securityfocus.com/archive/1/521944

Scores

EPSS 0.7366

EPSS Percentile 98.8%

Details

Status published

Products (2)

hp/data_protector_express 5.0

hp/data_protector_express 6.0

Published Mar 14, 2012

Tracked Since Feb 18, 2026