{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82581?format=json","vulnerability_id":"VCID-hr1e-pvgs-2bhb","summary":"","aliases":[{"alias":"CVE-2013-4811"}],"fixed_packages":[],"affected_packages":[],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4811","reference_id":"","reference_type":"","scores":[{"value":"0.83544","scoring_system":"epss","scoring_elements":"0.99299","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4811"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/28336.rb","reference_id":"CVE-2013-4811;OSVDB-97154","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/28336.rb"},{"reference_url":"http://www.zerodayinitiative.com/advisories/ZDI-13-226/","reference_id":"CVE-2013-4811;OSVDB-97154","reference_type":"exploit","scores":[],"url":"http://www.zerodayinitiative.com/advisories/ZDI-13-226/"}],"weaknesses":[],"exploits":[{"date_added":null,"description":"This module exploits a path traversal flaw in the HP ProCurve Manager SNAC Server. The\n          vulnerability in the UpdateDomainControllerServlet allows an attacker to upload arbitrary\n          files, just having into account binary writes aren't allowed. Additionally, authentication\n          can be bypassed in order to upload the file. This module has been tested successfully on\n          the SNAC server installed with HP ProCurve Manager 4.0.","required_action":null,"due_date":null,"notes":"Reliability:\n  - unknown-reliability\nStability:\n  - unknown-stability\nSideEffects:\n  - unknown-side-effects\n","known_ransomware_campaign_use":false,"source_date_published":"2013-09-09","exploit_type":null,"platform":"Windows","source_date_updated":null,"data_source":"Metasploit","source_url":"https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/http/hp_pcm_snac_update_domain.rb"},{"date_added":"2013-09-17","description":"HP ProCurve Manager - SNAC UpdateDomainControllerServlet Arbitrary File Upload (Metasploit)","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":true,"source_date_published":"2013-09-17","exploit_type":"remote","platform":"windows","source_date_updated":"2013-09-17","data_source":"Exploit-DB","source_url":"http://www.zerodayinitiative.com/advisories/ZDI-13-226/"}],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hr1e-pvgs-2bhb"}