← back
CVE-2013-3632high

CVE-2013-3632

68Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendcvss 8.8epss 57%
from disclosure to weapon0 days
Published on NVDSep 29
1st PoCOct 31
metasploitOct 30
exploitation probability
57%top 1% of all CVEs
observed exploitation
nono source reports it
3 public exploit(s)
The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.