HP Intelligent Management Center Arbitrary File Upload
29 March 2013
An unspecified vulnerability has been identified in Intelligent Management Center (IMC). The error occurs with "mibFileUpload," which accepts unauthenticated uploads and improperly handles ZIP contents in an insecure manner.
Vendor: Hewlett Packard
CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Attacks on the IoT can sound like the stuff of a movie thriller, but they are very real. The highly skilled and organized cybercriminals of today have the potential to tamper with a car’s firmware to kill its brakes.
Dyre's primary goal is to harvest victims' online credentials, and it's capable of doing this by mounting Man-in-the-Browser attacks against the three most commonly used Windows browsers: Internet Explorer, Firefox, and Chrome.