CVE-2013-4837

HP LoadRunner <11.52 - RCE

Title source: llm

Description

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1832.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/30209

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hp_loadrunner_copyfiletoserver.rb

View Code ZIP pw:eip

References (1)

[Vendor Advisory] https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03969437

Scores

EPSS 0.7560

EPSS Percentile 98.9%

Details

Status published

Products (7)

hp/loadrunner 9.0.0

hp/loadrunner 9.50.0

hp/loadrunner 9.51

hp/loadrunner 9.52

hp/loadrunner 11.0.0.0

hp/loadrunner 11.50

hp/loadrunner < 11.51

Published Nov 04, 2013

Tracked Since Feb 18, 2026