CVE-2012-3282

HP LeftHand Virtual SAN Appliance <10.0 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-3282.

AI-analyzed exploit summary This Metasploit module exploits a buffer overflow vulnerability in HP StorageWorks P4000 Virtual SAN Appliance due to insecure usage of sscanf() when parsing login requests. It achieves remote code execution by sending a crafted login packet with a malicious payload.

Description

Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1468.

Exploits (1)

exploitdb WORKING POC

rubyremotewindows

https://www.exploit-db.com/exploits/27555

View Code ZIP pw:eip

This Metasploit module exploits a buffer overflow vulnerability in HP StorageWorks P4000 Virtual SAN Appliance due to insecure usage of sscanf() when parsing login requests. It achieves remote code execution by sending a crafted login packet with a malicious payload.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: HP StorageWorks P4000 Virtual SAN Appliance versions prior to 10.0

No auth needed

Prerequisites: Network access to the target system on port 13838

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_hp

https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03661318

Scores

EPSS 0.3505

EPSS Percentile 97.1%

Details

Status published

Products (6)

hp/lefthand_p4000_virtual_san_appliance

hp/san\/iq 8.0

hp/san\/iq 8.1

hp/san\/iq 8.5

hp/san\/iq 9.0

hp/san\/iq < 9.5

Published Feb 06, 2013

Tracked Since Feb 18, 2026