13 matches found
GHSA-H475-7V3C-26Q7 Command injection in OpenTSDB
Due to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system. This exploit exists due to an incomplete fix that was made when this vulnerability was...
Command injection in OpenTSDB
Due to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system. This exploit exists due to an incomplete fix that was made when this vulnerability was...
CVE-2023-25826
Due to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system. This exploit exists due to an incomplete fix that was made when this vulnerability was...
Input validation
Due to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system. This exploit exists due to an incomplete fix that was made when this vulnerability was...
CVE-2023-25826
CVE-2023-25826 affects OpenTSDB via unauthenticated command injection in the HTTP query path (legacy API). The issue stems from insufficient validation of parameters (notably in the query API), allowing crafted commands to bypass regex filters and execute on the host. Public writeups and exploits...
Metasploit Weekly Wrap-Up
Back from a quiet holiday season Thankfully, it was a relatively quiet holiday break for security this year, so we hope everyone had a relaxing time while they could. This wrapup covers the last three Metasploit releases, and contains three new modules, two updates, and five bug fixes. Make sure...
OpenTSDB 2.4.0 Command Injection Exploit
This Metasploit module exploits an unauthenticated command injection vulnerability in the yrange parameter in OpenTSDB through 2.4.0 CVE-2020-35476 in order to achieve unauthenticated remote code execution as the root user. The module first attempts to obtain the OpenTSDB version via the api. If...
OpenTSDB 2.4.0 unauthenticated command injection
This module exploits an unauthenticated command injection vulnerability in the yrange parameter in OpenTSDB through 2.4.0 CVE-2020-35476 in order to achieve unauthenticated remote code execution as the root user. The module first attempts to obtain the OpenTSDB version via the api. If the version...
OpenTSDB 2.4.0 Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenTSDB 2.4.0 unauthenticated command injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in...
io.kamon:kamon-opentsdb_2.10 (=0.6.7), io.kamon:kamon-opentsdb_2.11 (=0.6.7) +2 more potentially affected by CVE-2020-35476 via net.opentsdb:opentsdb (>=2.3.0 <=2.4.0)
net.opentsdb:opentsdb MAVEN version =2.3.0, =2.3.2, =2.4.0 Source cves: CVE-2020-35476 Source advisory: OSV:GHSA-HV53-Q76C-7F8C...
StumbleUpon OpenTSDB Remote Code Execution (CVE-2020-35476)
A remote code execution vulnerability exists in StumbleUpon OpenTSDB. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2020-35476
creationtimestamp| type| source ---|---|--- 2020-12-16 15:25:41+00:00| seen| https://t.me/cibsecurity/20908 2021-04-27 09:04:52+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/267 2022-12-23 14:46:09+00:00| seen|...
CVE-2020-35476
OpenTSDB 2.4.0 and earlier is vulnerable to remote code execution via the yrange parameter, which writes a gnuplot file to /tmp and invokes it through mygnuplot.sh. The underlying issue is command injection not fully mitigated by tsd/GraphHandler.java, enabling an attacker to execute arbitrary co...