This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login.
Q1. What is this vulnerability? (Essence + Consequences)
**Essence**: OpenTSDB suffers from **OS Command Injection** via the `yrange` parameter. …
**Affected**: **OpenTSDB** versions **through 2.4.0**.
**Component**: The time series database's plotting functionality involving gnuplot integration.
Q4. What can hackers do? (Privileges/Data)
**Capabilities**: Hackers gain **Remote Code Execution (RCE)**.
**Impact**: They can execute malware, steal sensitive info, modify data, and gain **full control** over the compromised system without credentials.
Q5. Is the exploitation threshold high? (Auth/Config)
**Threshold**: **Low**.
**Access**: It is a **Remote** vulnerability. The description implies exploitation via the `yrange` parameter, suggesting it can be triggered over the network. …
**Public Exp**: **Yes**.
**Resources**: PoCs exist on GitHub (e.g., `glowbase/CVE-2020-35476`, `vulhub`, `nuclei-templates`). PacketStorm also lists a related exploit file.
Q7. How to self-check? (Features/Scanning)
**Self-Check**: Scan for OpenTSDB instances running version **2.4.0 or earlier**.
**Test**: Use automated scanners like **Nuclei** with the specific CVE template. …
**Workaround**: If patching is impossible, **restrict network access** to the OpenTSDB service. Implement **WAF rules** to block command injection patterns in the `yrange` parameter. …
**Urgency**: **HIGH**.
**Reason**: It is a critical **RCE** vulnerability with public exploits. Immediate patching or mitigation is required to prevent unauthorized system control.