CVE-2013-0928

EMC AlphaStor 4.0 - Remote Code Execution via DCP Run Command Operation

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2013-0928. PoCs published by Metasploit, including Metasploit module exploits/windows/emc/alphastor_device_manager_exec.

AI-analyzed exploit summary This Metasploit module exploits a command injection vulnerability in EMC AlphaStor Device Manager (rrobtd.exe) via opcode 0x75. It leverages a CMD stager to achieve remote code execution on vulnerable Windows systems.

Description

The NetWorker command processor in rrobotd.exe in the Device Manager in EMC AlphaStor 4.0 before build 800 allows remote attackers to execute arbitrary commands via a DCP "run command" operation.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/34756

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in EMC AlphaStor Device Manager (rrobtd.exe) via opcode 0x75. It leverages a CMD stager to achieve remote code execution on vulnerable Windows systems.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: EMC AlphaStor Device Manager 4.0 < build 800

No auth needed

Prerequisites: Network access to TCP port 3000 on the target

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/emc/alphastor_device_manager_exec.rb

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in EMC AlphaStor Device Manager (rrobtd.exe) via opcode 0x75, allowing arbitrary command execution. It uses a CMD stager to deploy payloads on vulnerable Windows systems.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: EMC AlphaStor Device Manager 4.0 < build 800

No auth needed

Prerequisites: Network access to TCP port 3000 on the target

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2013-01/0078.html

Third Party Advisory x_refsource_misc

http://www.zerodayinitiative.com/advisories/ZDI-13-033/

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/57472

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/34756

Scores

EPSS 0.3447

EPSS Percentile 98.2%

Details

CWE

CWE-78

Status published

Products (1)

emc/alphastor 4.0

Published Jan 21, 2013

Tracked Since Feb 18, 2026