CVE-2005-2773
KEV
🔴 Łataj teraz
Wykonanie dowolnych poleceń zdalnie w HP OpenView Network Node Manager przez metaznaki w parametrach.
CVSS
9.8
EPSS
89.8%
Exploit
weaponized
Vendor
hp
Opis źródłowy (NVD)
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.
exploit
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 9.8 |
| CISA KEV (aktywnie wykorzystywane) | Tak |
| FIRST EPSS (prawdopodobieństwo exploita) | 89.8% |
| Opublikowano (NVD) | 2005-09-02 23:03:00 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-16 14:03:02 UTC |
Referencje
- http://marc.info/?l=bugtraq&m=112499121725662&w=2 (cve@mitre.org) [Exploit, Issue Tracking, Mailing List]
- http://secunia.com/advisories/16555/ (cve@mitre.org) [Not Applicable]
- http://www.securityfocus.com/advisories/9150 (cve@mitre.org) [Broken Link]
- http://www.securityfocus.com/bid/14662 (cve@mitre.org) [Broken Link]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21999 (cve@mitre.org) [Third Party Advisory]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2005-2773 (134c704f-9b21-4f2e-91b3-4a467353bcc0) [US Government Resource]