0.002 Low
EPSS
Percentile
56.9%
opentsdb is vulnerable to remote code execution (RCE) attacks. A malicious user can inject and execute arbitrary commands through a q request using the o, key, style, yrange , y2range parameters and the JSON input.
q
o
key
style
yrange
y2range
github.com/OpenTSDB/opentsdb/issues/1239