CVE-2013-4837

HP LoadRunner < 11.52 - Remote Code Execution in Virtual User Generator

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2013-4837. PoCs published by Metasploit, including Metasploit module exploits/windows/http/hp_loadrunner_copyfiletoserver.

AI-analyzed exploit summary This Metasploit module exploits a directory traversal vulnerability in HP LoadRunner 11.52's EmulationAdmin web service to upload and execute arbitrary JSP payloads, achieving remote code execution.

Description

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1832.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/30209

View Code ZIP pw:eip

This Metasploit module exploits a directory traversal vulnerability in HP LoadRunner 11.52's EmulationAdmin web service to upload and execute arbitrary JSP payloads, achieving remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: HP LoadRunner 11.52

No auth needed

Prerequisites: Network access to the target's web service · Tomcat version detection · Correct traversal depth and install path

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1210 - Exploitation of Remote Services

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hp_loadrunner_copyfiletoserver.rb

View Code ZIP pw:eip

This Metasploit module exploits a directory traversal vulnerability in HP LoadRunner 11.52 via the EmulationAdmin web service's copyFileToServer method to upload and execute a JSP payload, achieving remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: HP LoadRunner 11.52

No auth needed

Prerequisites: Network access to the target's web service on port 8080 · Tomcat version detection for path traversal

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1210 - Exploitation of Remote Services

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_hp

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03969437

Scores

EPSS 0.6262

EPSS Percentile 99.1%

Details

Status published

Products (7)

hp/loadrunner 9.0.0

hp/loadrunner 9.50.0

hp/loadrunner 9.51

hp/loadrunner 9.52

hp/loadrunner 11.0.0.0

hp/loadrunner 11.50

hp/loadrunner < 11.51

Published Nov 04, 2013

Tracked Since Feb 18, 2026