CVE-2013-4800

HP LoadRunner < 11.52 - Remote Code Execution

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2013-4800. PoCs published by Metasploit, Unknown, juan vazquez, including Metasploit module exploits/windows/misc/hp_loadrunner_magentproc.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in HP LoadRunner's magentproc.exe via a crafted TCP request to port 443, allowing arbitrary code execution. It uses SEH overwrites and a prepended stack adjustment for reliable exploitation.

Description

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/28809

View Code ZIP pw:eip

This Metasploit module exploits a stack buffer overflow in HP LoadRunner's magentproc.exe via a crafted TCP request to port 443, allowing arbitrary code execution. It uses SEH overwrites and a prepended stack adjustment for reliable exploitation.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: HP LoadRunner before 11.52

No auth needed

Prerequisites: Network access to TCP port 443 on the target · Vulnerable version of HP LoadRunner installed

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC NORMAL

by Unknown, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/hp_loadrunner_magentproc.rb