Command Execution Vulnerability in OpenTSDB 2.3.0

Command Execution Vulnerability in OpenTSDB 2.3.0

CVE-2018-12972 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input.

Learn more about our Web Application Penetration Testing UK.