HP ProCurve Manager SNAC UpdateCertificatesServlet Exploit

This module exploits a path traversal vulnerability in HP ProCurve Manager. The specific flaw exists within the UpdateCertificatesServlet. This servlet improperly sanitizes the fileName argument allowing the remote attacker could upload a .jsp file and execute arbitrary code. Authentication is not required to exploit this vulnerability.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2013-4812
Product Version: 
2014_R1
Released Date: 
Thursday, February 6, 2014 - 00:00