CVE-2023-25826

Remote Code Execution in OpenTSDB

CVSS 9.8 CRITICAL · EPSS 35.6% · CWE-78
Vexday Risk Score: 75 (high priority)
SSVC decision (CISA): Attend
PoC available → monitor closely
CVSS 9.8 · EPSS 35.6% · KEV: no · Public PoC · Nuclei · Metasploit: yes · Patch
Lifecycle
03 May 2023: Published in NVD
01 Jul 2023: Metasploit exploit available
Recommendation: plan remediation soon; a public PoC already exists.
Due to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system. This exploit exists due to an incomplete fix that was made when this vulnerability was previously disclosed as CVE-2020-35476. Regex validation that was implemented to restrict allowed input to the query API does not work as intended, allowing crafted commands to bypass validation.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
OpenTSDB · OpenTSDB
⚠ Public resources, for assessing the exposure of systems you control or are authorized to test. Test only with authorization.