HP Intelligent Management Center Arbitrary File Upload
29 March 2013
An unspecified vulnerability has been identified in Intelligent Management Center (IMC). The error occurs with "mibFileUpload," which accepts unauthenticated uploads and improperly handles ZIP contents in an insecure manner.
Vendor: Hewlett Packard
CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
The existence of a botnet comprising of tens of thousands of compromised routers and other IoT devices is not news. Nevertheless, this latest one is special, as it seems that its herder does not have malicious intentions.