CVE-2015-3292

NetApp OnCommand Workflow Automation <3.0P1 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-3292. PoCs published by Metasploit.

AI-analyzed exploit summary This Metasploit module exploits CVE-2015-3292 by abusing the Java Debug Wire Protocol (JDWP) to execute arbitrary Java code remotely. It leverages the lack of authentication in exposed JDWP services to inject and execute payloads.

Description

The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotemultiple

https://www.exploit-db.com/exploits/33789

View Code ZIP pw:eip

This Metasploit module exploits CVE-2015-3292 by abusing the Java Debug Wire Protocol (JDWP) to execute arbitrary Java code remotely. It leverages the lack of authentication in exposed JDWP services to inject and execute payloads.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Java Debug Wire Protocol (JDWP) services

No auth needed

Prerequisites: Exposed JDWP service on port 8000 · Network access to the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/74891

Vendor Advisory x_refsource_confirm

https://kb.netapp.com/support/index?page=content&id=9010037

Scores

EPSS 0.1216

EPSS Percentile 95.6%

Details

CWE

CWE-17

Status published

Products (2)

netapp/oncommand_workflow_automation 3.0

netapp/oncommand_workflow_automation < 2.2.1

Published May 31, 2015

Tracked Since Feb 18, 2026