Lucene search
Veracode Vulnerability DatabaseVERACODE:40431HistoryMay 09, 2023 - 5:46 a.m.
Command Injection
2023-05-0905:46:21
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18
command injection
opentsdb
http query api
os commands
validation
malicious code
security
vulnerability
EPSS
0.001
Percentile
50.7%
net.opentsdb:opentsdb is vulnerable to Command Injection. Insufficient validation of parameters passed to the legacy HTTP query API allows crafted OS commands to bypass validation, allowing malicious code to execute on the OpenTSDB host system.
References
Related
packetstorm
packetstorm
OpenTSDB 2.4.1 Unauthenticated Command Injection
2023-09-08 00:00:00
metasploit
metasploit
OpenTSDB 2.4.1 unauthenticated command injection
2023-09-07 14:29:16
cve
cve
CVE-2023-25826
2023-05-03 19:15:08
cvelist
cvelist
CVE-2023-25826 Remote Code Execution in OpenTSDB
2023-05-03 18:33:59
osv
osv
CVE-2023-25826
2023-05-03 19:15:08
Command injection in OpenTSDB
2023-05-03 21:30:18
zdt
zdt
OpenTSDB 2.4.1 Unauthenticated Command Injection Exploit
2023-09-11 00:00:00
prion
prion
Input validation
2023-05-03 19:15:00
github
github
Command injection in OpenTSDB
2023-05-03 21:30:18
nvd
nvd
CVE-2023-25826
2023-05-03 19:15:08
githubexploit
githubexploit
Exploit for OS Command Injection in Opentsdb
2023-09-07 13:47:13
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up
2023-09-15 18:54:45
wallarmlab
wallarmlab
ChatGPT: Friend or Foe? | API Security Newsletter
2023-05-16 13:58:20