cgi-bin/munin-cgi-graph in Munin 2.x writes data to a log file without sanitizing non-printable characters, which might allow user-assisted remote malicious users to inject terminal emulator escape sequences and execute arbitrary commands or delete arbitrary files via a crafted HTTP request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
munin-monitoring munin 2.0 |
||
munin-monitoring munin 2.1 |