← back
CVE-2018-16144

CVE-2018-16144

EPSS 32.7%
The test connection functionality in the NetAudit section of Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to command injection due to improper sanitization of the rancid_password parameter.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://knowledge.opsview.com/v5.3/docs/whats-newhttps://knowledge.opsview.com/v5.4/docs/whats-newhttps://seclists.org/fulldisclosure/2018/Sep/3https://www.coresecurity.com/advisories/opsview-monitor-multiple-vulnerabilities