cve/2013/CVE-2013-6221.md

### [CVE-2013-6221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6221)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-2031.

### POC

#### Reference
- http://packetstormsecurity.com/files/127247/HP-AutoPass-License-Server-File-Upload.html

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2013-6221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6221)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-2031.`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/127247/HP-AutoPass-License-Server-File-Upload.html`

			`#### Github`
			`No PoCs found on GitHub currently.`