CVE-2012-3261

HP SiteScope <11.12 - RCE

Title source: llm

Description

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463.

Exploits (1)

metasploit WORKING POC GOOD

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/hp_sitescope_uploadfileshandler.rb

View Code ZIP pw:eip

References (2)

[Vendor Advisory] http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03489683

[Third Party Advisory] http://marc.info/?l=bugtraq&m=134825051608877&w=2

Scores

EPSS 0.6858

EPSS Percentile 98.6%

Details

Status published

Products (3)

hp/sitescope 11.10

hp/sitescope 11.11

hp/sitescope 11.12

Published Sep 25, 2012

Tracked Since Feb 18, 2026