6 results (0.006 seconds)

CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-39915 – Authenticated remote code execution in Thruk

https://notcve.org/view.php?id=CVE-2024-39915

Thruk is a multibackend monitoring webinterface for Naemon, Nagios, Icinga and Shinken using the Livestatus API. This authenticated RCE in Thruk allows authorized users with network access to inject arbitrary commands via the URL parameter during PDF report generation. The Thruk web application does not properly process the url parameter when generating a PDF report. An authorized attacker with access to the reporting functionality could inject arbitrary commands that would be executed when the script /script/html2pdf.sh is called. The vulnerability can be exploited by an authorized user with network access. • https://github.com/sni/Thruk/commit/7e7eb251e76718a07639c4781f0d959d817f173b https://github.com/sni/Thruk/security/advisories/GHSA-r7gx-h738-4w6f • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2024-23822 – Thruk Incorrect limitation of a pathname to a restricted directory (Path Traversal) (CWE-22)

https://notcve.org/view.php?id=CVE-2024-23822

Thruk is a multibackend monitoring webinterface. Prior to 3.12, the Thruk web monitoring application presents a vulnerability in a file upload form that allows a threat actor to arbitrarily upload files to the server to any path they desire and have permissions for. This vulnerability is known as Path Traversal or Directory Traversal. Version 3.12 fixes the issue. Thruk es una interfaz web de monitoreo multibackend. • https://github.com/sni/Thruk/commit/1aa9597cdf2722a69651124f68cbb449be12cc39 https://github.com/sni/Thruk/security/advisories/GHSA-4mrh-mx7x-rqjx • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 8

CVE-2023-34096 – Thruk has Path Traversal Vulnerability in panorama.pm

https://notcve.org/view.php?id=CVE-2023-34096

Thruk is a multibackend monitoring webinterface which currently supports Naemon, Icinga, Shinken and Nagios as backends. In versions 3.06 and prior, the file `panorama.pm` is vulnerable to a Path Traversal vulnerability which allows an attacker to upload a file to any folder which has write permissions on the affected system. The parameter location is not filtered, validated or sanitized and it accepts any kind of characters. For a path traversal attack, the only characters required were the dot (`.`) and the slash (`/`). A fix is available in version 3.06.2. • https://github.com/galoget/Thruk-CVE-2023-34096 https://www.exploit-db.com/exploits/51509 http://packetstormsecurity.com/files/172822/Thruk-Monitoring-Web-Interface-3.06-Path-Traversal.html https://galogetlatorre.blogspot.com/2023/06/cve-2023-34096-path-traversal-thruk.html https://github.com/sni/Thruk/blob/1bc5a5804bf9fc22e82a4eadb21a1795954f0867/plugins/plugins-available/panorama/lib/Thruk/Controller/panorama.pm#L690 https://github.com/sni/Thruk/blob/1bc5a5804bf9fc22e82a4eadb21a1795954f0867/plugins/plugins-available/panorama • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-35490

https://notcve.org/view.php?id=CVE-2021-35490

Thruk before 2.44 allows XSS for a quick command. Thruk versión 2.44 permite una vulnerabilidad de tipo XSS almacenado • https://www.gruppotim.it/redteam https://www.thruk.org/changelog.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2021-35488

https://notcve.org/view.php?id=CVE-2021-35488

Thruk 2.40-2 allows /thruk/#cgi-bin/status.cgi?style=combined&title={TITLE] Reflected XSS via the host or title parameter. An attacker could inject arbitrary JavaScript into status.cgi. The payload would be triggered every time an authenticated user browses the page containing it. Thruk versión 2.40-2 permite /thruk/#cgi-bin/status.cgi? • https://www.gruppotim.it/redteam https://www.thruk.org/changelog.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •