CVE-2013-2367

HP SiteScope <11.21 - RCE

Title source: llm

Description

Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1678.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/28188

View Code ZIP pw:eip

metasploit WORKING POC MANUAL

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hp_sitescope_runomagentcommand.rb

View Code ZIP pw:eip

References (1)

[Vendor Advisory] https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03861260

Scores

EPSS 0.8385

EPSS Percentile 99.3%

Details

Status published

Products (2)

hp/sitescope 11.20

hp/sitescope 11.21

Published Jul 31, 2013

Tracked Since Feb 18, 2026