CVE-2017-5792

CRITICAL

HPE Intelligent Management Center PLAT 7.3 E0504P2 - Remote Code Execution via Untrusted Data Deserialization

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2017-5792. PoCs published by Chris Lyne, scanfsec.

AI-analyzed exploit summary This exploit leverages Java RMI Registry deserialization vulnerability in HPE iMC 7.3 to achieve remote code execution. It uses ysoserial to generate a payload that launches calc.exe on the target system.

Description

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.

Exploits (2)

exploitdb WORKING POC

by Chris Lyne · textremotewindows

https://www.exploit-db.com/exploits/43927

View Code ZIP pw:eip

This exploit leverages Java RMI Registry deserialization vulnerability in HPE iMC 7.3 to achieve remote code execution. It uses ysoserial to generate a payload that launches calc.exe on the target system.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: HPE iMC PLAT v7.3 (E0504) Standard

No auth needed

Prerequisites: Network access to the target's RMI Registry port (21195) · ysoserial tool

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC 1 stars

by scanfsec · poc

https://github.com/scanfsec/HPE-iMC-7.3-RMI-Java-Deserialization