Command Injection Vulnerability in Opsview Monitor's NetAudit Test Connection Functionality

Command Injection Vulnerability in Opsview Monitor's NetAudit Test Connection Functionality

CVE-2018-16144 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The test connection functionality in the NetAudit section of Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to command injection due to improper sanitization of the rancid_password parameter.

Learn more about our Web Application Penetration Testing UK.