CVE-2022-37932 PoC — Hewlett Packard Enterprise OfficeConnect 授权问题漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-37932.yaml

Associated Vulnerability

Title:Hewlett Packard Enterprise OfficeConnect 授权问题漏洞 (CVE-2022-37932)
Description:Hewlett Packard Enterprise OfficeConnect是美国慧与（Hewlett Packard Enterprise）公司的一系列交换机。 Hewlett Packard Enterprise OfficeConnect 1820、1850 和 1920S Network switches存在安全漏洞，该漏洞源于发现了一个潜在的安全漏洞，该漏洞可被远程利用以绕过身份验证，以下产品和版本受到影响：PT.02.14 之前版本、在 PC.01.22 之前版本；、在 PO.01.21

Description

A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authentication bypass. HPE has made the following software updates to resolve the vulnerability in Hewlett Packard Enterprise OfficeConnect 1820, 1850 and 1920S Network switches versions- Prior to PT.02.14; Prior to PC.01.22; Prior to PO.01.21; Prior to PD.02.22;

File Snapshot


 id: CVE-2022-37932

info:
  name: HP Switch - Authentication Bypass
  author: Phulelouch
  severity:

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!