Arbitrary Code Execution Affecting net.opentsdb:opentsdb package, versions [0,2.4.1)
15 Dec 2020
18 Nov 2020
How to fix?
Upgrade net.opentsdb:opentsdb to version 2.4.1 or higher.
net.opentsdb:opentsdb is a scalable, distributed Time Series Database.
Affected versions of this package are vulnerable to Arbitrary Code Execution. It is possible to bypass the command injection sanitization in /src/tsd/GraphHandler.java and execute arbitrary commands. Payload:

When the payload is passed via one of the request parameters, it is written to a gnuplot file in the /tmp directory, and that gnuplot file is executed by OpenTSDB via the /src/mygnuplot.sh shell script. When mygnuplot.sh is executed by OpenTSDB, the poc.txt file is written to the temp directory.
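The root cause described above is a sanitizer that tries to strip dangerous characters from user-controlled values before they are written into a gnuplot script. The following is an added illustration of the safer pattern, allow-list validation that rejects any value not matching a narrow character set; it is not OpenTSDB's own code, and the class name, the allow-list pattern and the sample inputs are assumptions for this example.

```java
import java.util.List;
import java.util.regex.Pattern;

/** Allow-list guard for values that will be interpolated into a gnuplot script. */
public final class GnuplotParamGuard {
    // Assumed allow-list: letters, digits, space, dot, underscore, colon and dash.
    // Anything gnuplot or a shell could interpret (quotes, backticks, semicolons,
    // dollar signs, pipes, newlines, ...) fails the match and is rejected outright.
    // Rejecting instead of stripping leaves no sanitizer logic to work around.
    private static final Pattern SAFE = Pattern.compile("[A-Za-z0-9 ._:-]{1,128}");

    private GnuplotParamGuard() {}

    /** Returns true only when the whole value matches the allow-list pattern. */
    public static boolean isSafe(String value) {
        return value != null && SAFE.matcher(value).matches();
    }

    /** Builds a gnuplot title directive, or throws if the value is not allow-listed. */
    public static String titleDirective(String title) {
        if (!isSafe(title)) {
            throw new IllegalArgumentException("rejected unsafe graph parameter");
        }
        return "set title \"" + title + "\"\n";
    }

    public static void main(String[] args) {
        // Constructed sample inputs for demonstration; not taken from the advisory.
        List<String> samples = List.of("sys.cpu.user:rate", "cpu load 5m", "bad;name", "two\nlines");
        for (String s : samples) {
            System.out.println((isSafe(s) ? "accepted: " : "rejected: ") + s.replace("\n", "\\n"));
        }
    }
}
```

The first two samples are accepted and the last two are rejected; the same check should be applied to every parameter that ends up in the generated script, not only the title.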