OpenTSDB - Remote Code Execution (CVE-2023-25826)
- Severity
- CVSSv3 Score
- 9.8
- Vulnerability description
OpenTSDB is vulnerable to CVE-2023-25826, a Remote Code Execution vulnerability. The root cause of this vulnerability is the insufficient validation of parameters passed to the legacy HTTP query API. This allows to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system.
- Risk description
The risk exists that an unauthenticated remote attacker could gain Remote Code Execution access which will result in a fully compromised server through which they could steal confidential information, install ransomware, or pivot to the internal network.
- Exploit capabilities
Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
- Recommendation
Update OpenTSDB to the latest version available.
- Codename
- Not available
- Detectable with
- Network Scanner
- Exploitable with Sniper
- Yes
- Vuln date
- May 2023
- Published at
- Updated at
- Software Type
- Time Series Database
- Vendor
- StumbleUpon
- Product
- OpenTSDB