CVE-2012-5201

HP Intelligent Management Center < 5.1 - Remote Code Execution

Title source: manual
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2012-5201. PoCs published by Metasploit, including Metasploit module exploits/windows/http/hp_imc_mibfileupload.

AI-analyzed exploit summary This Metasploit module exploits an arbitrary file upload vulnerability in HP Intelligent Management Center (CVE-2012-5201) by uploading a malicious JSP payload via an insecure ZIP file handling mechanism, leading to remote code execution.

Description

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1611.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/24891

This Metasploit module exploits an arbitrary file upload vulnerability in HP Intelligent Management Center (CVE-2012-5201) by uploading a malicious JSP payload via an insecure ZIP file handling mechanism, leading to remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: HP Intelligent Management Center 5.1 E0202
No auth needed
Prerequisites: Network access to the target · Target running HP Intelligent Management Center 5.1 E0202
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hp_imc_mibfileupload.rb

This Metasploit module exploits an arbitrary file upload vulnerability in HP Intelligent Management Center (CVE-2012-5201) by uploading a malicious JSP payload via a ZIP file, achieving remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: HP Intelligent Management Center 5.1 E0202
No auth needed
Prerequisites: Network access to the target · Target running HP IMC with vulnerable mibFileUpload endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=136268852804156&w=2

Scores

EPSS 0.6374
EPSS Percentile 99.1%

Details

Status published
Products (4)
hp/intelligent_management_center 5.0 (6 CPE variants)
hp/intelligent_management_center 5.1 (2 CPE variants)
hp/intelligent_management_center < 5.1 (2 CPE variants)
hp/intelligent_management_center_for_automated_network_manager < 5.1
Published Mar 09, 2013
Tracked Since Feb 18, 2026