CVE-2023-25826
CRITICAL 9.8
Description
Insufficient validation of parameters passed to the legacy HTTP query API allows a remote, unauthenticated attacker to inject crafted OS commands through multiple parameters and execute arbitrary code on the OpenTSDB host. The issue is the result of an incomplete fix for CVE-2020-35476, under which this vulnerability was previously disclosed: the regex validation added to restrict input to the query API does not work as intended, so crafted commands bypass it. Because the endpoint needs no authentication or user interaction, the CVSS vector below rates it network-reachable, low complexity and fully compromising of confidentiality, integrity and availability.
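The description above comes down to an allow-list check on query parameters that can be evaded. As an added example, not code from the OpenTSDB project or from the disclosure, the Python below shows two things a practitioner would want: a strict allow-list written with re.fullmatch beside a loosely anchored one that lets a trailing newline through (an illustrative pitfall of this bug class, not a claim about OpenTSDB's actual pattern), and a scan over access-log lines that flags requests to the legacy query endpoint whose decoded parameter values carry shell or newline metacharacters. Assumptions: the legacy HTTP query API is served at the /q path, logs are in combined log format, and the sample lines (including the yrange parameter and its values) are constructed for this example rather than captured traffic.

```python
"""Added example (not OpenTSDB project code): a strict vs. loose allow-list
check, and a detector that flags legacy /q query-API requests whose parameter
values carry shell or newline metacharacters.

Assumptions, labelled here: the legacy HTTP query API lives at the /q path,
access logs are in combined log format, and SAMPLE_LOG below is constructed
for this example, not real traffic.
"""
import re
from urllib.parse import urlsplit, parse_qsl

# Combined-log-format prefix: client, ident, user, [timestamp], "request", status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>[^"]+)" (?P<status>\d{3})'
)

# Characters that let plot/shell-bound input break out of a numeric range or
# option value: command separators, substitution, redirection, line breaks.
SUSPICIOUS = re.compile(r'[;|&`$<>\n\r]|\$\(')

# Allow-list for simple numeric range values such as [0:100] or [:50].
SAFE_VALUE = re.compile(r'[0-9\[\]:.,\-]+')

def value_is_safe(value: str) -> bool:
    """Strict allow-list: fullmatch forces the pattern to cover the whole value."""
    return SAFE_VALUE.fullmatch(value) is not None

def loose_value_is_safe(value: str) -> bool:
    """The same allow-list written as ^...$ with re.match(): it accepts a value
    ending in a newline because $ also matches just before a trailing newline.
    Illustrative pitfall of the bug class, not the specific OpenTSDB pattern."""
    return re.match(r'^[0-9\[\]:.,\-]+$', value) is not None

def suspicious_params(target: str) -> list[tuple[str, str]]:
    """Return (param, decoded_value) pairs of a /q request whose values contain
    metacharacters after URL decoding. Requests to other paths yield []."""
    parts = urlsplit(target)
    if parts.path != "/q":          # assumption: /q is the legacy query endpoint
        return []
    hits = []
    # parse_qsl percent-decodes, so %0A and %3B are checked as the real bytes.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if SUSPICIOUS.search(value):
            hits.append((name, value))
    return hits

def scan_log(lines: list[str]) -> list[dict]:
    """Parse access-log lines and report /q requests carrying metacharacters."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue   # not a request line we understand; skip rather than guess
        hits = suspicious_params(m.group("target"))
        if hits:
            findings.append({"ip": m.group("ip"), "ts": m.group("ts"),
                             "status": int(m.group("status")), "params": hits})
    return findings

# Constructed sample lines (not real traffic). Only the third carries a ';'
# and a newline (%0A) inside a range parameter, which no numeric range needs.
SAMPLE_LOG = [
    '10.0.0.5 - - [03/May/2023:10:00:01 +0000] "GET /q?start=1h-ago&m=sum:sys.cpu.user&yrange=%5B0:100%5D HTTP/1.1" 200 512',
    '10.0.0.5 - - [03/May/2023:10:00:02 +0000] "GET /api/query?start=1h-ago&m=sum:sys.cpu.user HTTP/1.1" 200 2048',
    '198.51.100.7 - - [03/May/2023:10:00:03 +0000] "GET /q?start=1h-ago&m=sum:sys.cpu.user&yrange=%5B0:100%5D%3Bid%0A HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding["ip"], finding["ts"], finding["params"])
```

The detector is deliberately path- and character-based rather than tied to one parameter name, since the description says multiple parameters are affected; tune SUSPICIOUS down if legitimate dashboards send values that trip it. The strict/loose pair is the check to apply when reviewing any allow-list regex: anchors alone do not guarantee the whole input was matched.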
CVE Details
CVSS v3.1 Score: 9.8
Severity: CRITICAL
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Published: 2023-05-03
Last Modified: 2025-02-13
Source: nvd
Honeypot Sightings: 0
Affected Products
opentsdb:opentsdb
Weaknesses (CWE)
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
References
http://packetstormsecurity.com/files/174570/OpenTSDB-2.4.1-Unauthenticated-Command-Injection.html (disclosure@synopsys.com, af854a3a-2127-422b-91ae-364da2661108)
https://github.com/OpenTSDB/opentsdb/pull/2275 (disclosure@synopsys.com, af854a3a-2127-422b-91ae-364da2661108)
https://www.synopsys.com/blogs/software-security/opentsdb/ (disclosure@synopsys.com, af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.