Arbitrary Command Execution Vulnerability in OpenMediaVault's Cron Service

CVE-2013-3632 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.

Learn more about our User Device Pen Test.