CVE-2015-8522

CRITICAL

IBM Tivoli Storage Manager FastBack <6.1.12.2 - RCE

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2015-8522. PoCs published by damariion.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2015-8522, demonstrating a remote code execution (RCE) vulnerability. The exploit includes modules for bypassing ASLR and DEP, and it constructs a ROP chain to achieve arbitrary code execution.

Description

Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8519, CVE-2015-8520, and CVE-2015-8521.

Exploits (2)

nomisec WORKING POC

by damariion · poc

https://github.com/damariion/CVE-2015-8522.RCE

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2015-8522, demonstrating a remote code execution (RCE) vulnerability. The exploit includes modules for bypassing ASLR and DEP, and it constructs a ROP chain to achieve arbitrary code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Unknown (CVE-2015-8522)

No auth needed

Prerequisites: Network access to the target · Target service running on port 11460

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Apr 10, 2026 Full analysis →

nomisec WORKING POC

by damariion · poc

https://github.com/damariion/CVE-2015-8522

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2015-8522, targeting a memory corruption vulnerability. The exploit includes ASLR and DEP bypass techniques, a ROP chain, and a reverse shell payload, demonstrating a complete attack chain for remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Unknown (likely a network service vulnerable to memory corruption)

No auth needed

Prerequisites: Network access to the target host · Target service running on port 11460

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Mar 24, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/84163

Vendor Advisory x_refsource_confirm

http://www-01.ibm.com/support/docview.wss?uid=swg21975536

Scores

CVSS v3 9.8

EPSS 0.0891

EPSS Percentile 92.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (35)

ibm/tivoli_storage_manager_fastback 5.5.0

ibm/tivoli_storage_manager_fastback 6.1.0

ibm/tivoli_storage_manager_fastback 6.1.0.1

ibm/tivoli_storage_manager_fastback 6.1.1

ibm/tivoli_storage_manager_fastback 6.1.1.0

ibm/tivoli_storage_manager_fastback 6.1.2

ibm/tivoli_storage_manager_fastback 6.1.2.0

ibm/tivoli_storage_manager_fastback 6.1.3

ibm/tivoli_storage_manager_fastback 6.1.3.0

ibm/tivoli_storage_manager_fastback 6.1.4

... and 25 more

Published Apr 05, 2016

Tracked Since Feb 18, 2026