CVE-2024-39915 – Authenticated remote code execution in Thruk
https://notcve.org/view.php?id=CVE-2024-39915
15 Jul 2024 — Thruk is a multibackend monitoring web interface for Naemon, Nagios, Icinga and Shinken using the Livestatus API. This authenticated RCE in Thruk allows authorized users with network access to inject arbitrary commands via the URL parameter during PDF report generation. The Thruk web application does not properly process the url parameter when generating a PDF report. An authorized attacker with access to the reporting functionality could inject arbitrary commands that would be executed when the script /scri...
Reference: https://github.com/sni/Thruk/commit/7e7eb251e76718a07639c4781f0d959d817f173b
CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2024-23822 – Thruk Incorrect limitation of a pathname to a restricted directory (Path Traversal) (CWE-22)
https://notcve.org/view.php?id=CVE-2024-23822
29 Jan 2024 — Thruk is a multibackend monitoring web interface. Prior to 3.12, the Thruk web monitoring application has a vulnerability in a file upload form that allows a threat actor to upload files to any path on the server for which the application has write permissions. This class of vulnerability is known as Path Traversal or Directory Traversal. Version 3.12 fixes the issue.
Reference: https://github.com/sni/Thruk/commit/1aa9597cdf2722a69651124f68cbb449be12cc39
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-34096 – Thruk has Path Traversal Vulnerability in panorama.pm
https://notcve.org/view.php?id=CVE-2023-34096
08 Jun 2023 — Thruk is a multibackend monitoring web interface which currently supports Naemon, Icinga, Shinken and Nagios as backends. In versions 3.06 and prior, the file `panorama.pm` is vulnerable to a Path Traversal vulnerability which allows an attacker to upload a file to any folder which has write permissions on the affected system. The location parameter is not filtered, validated or sanitized and accepts any kind of characters. For a path traversal attack, the only characters required were the dot (`.`) and t...
Reference: https://packetstorm.news/files/id/172822
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-35490
https://notcve.org/view.php?id=CVE-2021-35490
15 Dec 2021 — Thruk before 2.44 allows XSS for a quick command. Thruk version 2.44 allows a stored XSS vulnerability.
Reference: https://www.gruppotim.it/redteam
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-35488
https://notcve.org/view.php?id=CVE-2021-35488
09 Nov 2021 — Thruk 2.40-2 allows reflected XSS via the host or title parameter at /thruk/#cgi-bin/status.cgi?style=combined&title={TITLE]. An attacker could inject arbitrary JavaScript into status.cgi. The payload would be triggered every time an authenticated user browses the page containing it.
Reference: https://www.gruppotim.it/redteam
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-35489
https://notcve.org/view.php?id=CVE-2021-35489
09 Nov 2021 — Thruk 2.40-2 allows reflected XSS via the host or service parameter at /thruk/#cgi-bin/extinfo.cgi?type=2&host={HOSTNAME]&service={SERVICENAME]&backend={BACKEND]. An attacker could inject arbitrary JavaScript into extinfo.cgi. The malicious payload would be triggered every time an authenticated user browses the page containing it.
Reference: https://www.gruppotim.it/redteam
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')