Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality accessible by an authenticated administrator to test notifications that are triggered under certain configurable events. The value parameter is not properly sanitized, leading to arbitrary command injection with the privileges of the nagios user account.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Opsview Monitor 安全漏洞
Vulnerability Description
Opsview Monitor是英国Opsview公司的一套企业级的网络、服务器和应用程序监控工具。该工具可与Nagios Core、RRDTool等监控系统集成使用。 Opsview Monitor 5.4.2之前的5.4.x版本中的Web管理控制台存在安全漏洞,该漏洞源于程序没有正确地过滤‘value’参数。攻击者可利用该漏洞以nagios用户权限注入任意命令。
CVSS Information
N/A
Vulnerability Type
N/A