← back
CVE-2024-53676

CVE-2024-53676

CVSS 9.8 CRITICALEPSS 51.3%CWE-552
In short

A flaw in HP Enterprise Insight Remote Support allows attackers to access files outside intended directories, potentially running malicious code remotely on affected systems.

Technical detail

Directory traversal vulnerability (CWE-552) in Hewlett Packard Enterprise Insight Remote Support enables remote code execution via path manipulation, exploitable without authentication or special privileges; impacts confidentiality, integrity, and availability of the system.

Summary generated and translated by AI from the official description.
A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may allow remote code execution.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Hewlett Packard Enterprise (HPE) · HPE Insight Remote Support
public PoCs found1
cve_referencegithub.com/pwnfuzz/POCs/tree/main/CVE-2024-53676unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/pwnfuzz/POCs/tree/main/CVE-2024-53676https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04731en_us