Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1oNDc1LTd2M2MtMjZxN84AAzEg

Command injection in OpenTSDB

Due to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system. This exploit exists due to an incomplete fix that was made when this vulnerability was previously disclosed as CVE-2020-35476. Regex validation that was implemented to restrict allowed input to the query API does not work as intended, allowing crafted commands to bypass validation.

Permalink: https://github.com/advisories/GHSA-h475-7v3c-26q7
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1oNDc1LTd2M2MtMjZxN84AAzEg
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: over 1 year ago
Updated: about 1 year ago


CVSS Score: 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Percentage: 0.00197
EPSS Percentile: 0.58509

Identifiers: GHSA-h475-7v3c-26q7, CVE-2023-25826
References: Repository: https://github.com/OpenTSDB/opentsdb
Blast Radius: 22.0

Affected Packages

maven:net.opentsdb:opentsdb
Dependent packages: 4
Dependent repositories: 175
Downloads:
Affected Version Ranges: <= 2.4.1
No known fixed version
All affected versions: 2.1.3, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1