Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opentsdb opentsdb 2.3.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-35476
A remote code execution vulnerability occurs in OpenTSDB up to and including 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is then executed via the mygnuplot.sh shell script. (tsd/GraphHandler.j...
Opentsdb Opentsdb
1 Metasploit module
2 Github repositories
4.3
CVSSv2
CVE-2018-13003
An issue exists in OpenTSDB 2.3.0. There is XSS in parameter 'type' to the /suggest URI.
Opentsdb Opentsdb 2.3.0
7.5
CVSSv2
CVE-2018-12972
An issue exists in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input.
Opentsdb Opentsdb 2.3.0
4.3
CVSSv2
CVE-2018-12973
An issue exists in OpenTSDB 2.3.0. There is XSS in parameter 'json' to the /q URI.
Opentsdb Opentsdb 2.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started