CVE-2013-7070

CVE-2013-7070

EPSS 4.1%

The handle_request function in lib/HTTPServer.pm in Monitorix before 3.3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the URI.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://openwall.com/lists/oss-security/2013/12/12/8 https://github.com/mikaku/Monitorix/commit/ff80441be7089f774448dfe4b49e6fced70e71cb https://github.com/mikaku/Monitorix/issues/30