HPE Smart Storage Administrator < 126.96.36.199 RCE
Severity: High
Nessus Plugin ID: 97859
Synopsis

An application installed on the remote Windows host is affected by a remote code execution vulnerability.

Description

The version of HPE Smart Storage Administrator installed on the remote Windows host is prior to 188.8.131.52. It is, therefore, affected by a flaw in the isDirectFileAccess() function in the file ipcelmclient.php, caused by improper sanitization of user-supplied input passed in the 'command' variable. An authenticated, remote attacker can exploit this, via a specially crafted HTTP request, to execute arbitrary code on the system.
Note that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.
Solution

Upgrade to HPE Smart Storage Administrator version 184.108.40.206 or later.