EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution Exploit

This module exploits a remote code execution vulnerability in EMC Data Protection Advisor (DAP). Vulnerable installations of EMC DPA exposes the EJBInvokerServlet invoker servlet which does not require any type of authentication by default on certain profiles and allow remote attackers to invoke MBean methods and execute arbitrary code.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2012-0874
Product Version: 
2014_R1
Released Date: 
Tuesday, April 29, 2014 - 00:00