6 matches found
CVE-2012-10048
Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user...
CVE-2012-10048
Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user...
CVE-2012-10048 Zenoss 3.x showDaemonXMLConfig Command Execution
Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user...
PT-2025-32401 · Zenoss · Zenoss Core
Name of the Vulnerable Software and Affected Versions: Zenoss Core versions 3.x Description: Zenoss Core contains a command injection issue in the showDaemonXMLConfig API endpoint. The daemon parameter is directly passed to a Popen call in ZenossInfo.py without proper sanitization, potentially...
Zenoss 3 showDaemonXMLConfig Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
Zenoss 3 - showDaemonXMLConfig Command Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Zenoss 3...