CVE-2020-35476
CVE-2020-35476
Vexday Risk Score
82Fix now
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS —EPSS 85.3%KEV nãoPoC públicaNuclei simMetasploit simPatch —
Lifecycle
18 Nov 2020Metasploit module available
16 Dec 2020Published on NVD
30 Jan 2022Public PoC
Weaponization speed
410 daysto first PoC
Recommendation: Patch as soon as possible — active exploitation confirmed.
A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is then executed via the mygnuplot.sh shell script. (tsd/GraphHandler.java attempted to prevent command injections by blocking backticks but this is insufficient.)
Affected products
n/a · n/apublic PoCs found — 1
vulncheckvulncheck.com/xdb/765cb871004bunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.