5 matches found
OpenTSDB 2.4.1 unauthenticated command injection
This module exploits an unauthenticated command injection vulnerability in the key parameter in OpenTSDB through 2.4.1 CVE-2023-36812/CVE-2023-25826 in order to achieve unauthenticated remote code execution as the root user. The module first attempts to obtain the OpenTSDB version via the api. If...
OpenTSDB 2.4.1 Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenTSDB 2.4.1 unauthenticated command injection', 'Description' = %q This module exploits an unauthenticated command injection vulnerability in...
Exploit for OS Command Injection in Opentsdb
opentsdbkeycmdinjection An exploit for OpenTSDB -l -p -...
CVE-2023-36812
creationtimestamp| type| source ---|---|--- 2023-07-04 12:53:30+00:00| published-proof-of-concept| https://t.me/hunter4good/196 2023-09-07 14:30:28+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/5101 2023-09-08 16:06:04+00:00| seen|...
io.kamon:kamon-opentsdb_2.10 (=0.6.7), io.kamon:kamon-opentsdb_2.11 (=0.6.7) +2 more potentially affected by CVE-2023-36812 via net.opentsdb:opentsdb (>=2.3.0 <=2.4.0)
net.opentsdb:opentsdb MAVEN version =2.3.0, =2.3.2, =2.4.0 Source cves: CVE-2023-36812 Source advisory: OSV:GHSA-76F7-9V52-V2FW...