Security for everyone

CVE-2020-35476 Scanner

Detects the 'Command Injection' vulnerability in OpenTSDB, which affects versions through 2.4.0.


Short Info

Level: Critical
Type: Single Scan
Can be used by: Asset Owner
Estimated Time: 30 sec
Scan only one: Url


CVE-2020-35476 Scanner Detail

OpenTSDB is a powerful open-source distributed time series database that was designed to record events or measurements data. It is built on top of Apache HBase, a distributed NoSQL database that provides random real-time read/write access to big data. With OpenTSDB, users can easily store, query, and graph large amounts of data in real-time in a scalable manner. It is commonly used by companies that have large amounts of data to track, such as monitoring and analyzing large-scale Web server infrastructures, mining data sensors, and IoT devices in real-time.

Recently, a vulnerability has been identified in OpenTSDB, namely CVE-2020-35476. It enables remote code execution via command injection in the y-range parameter. Specifically, if an attacker inserts malicious code into the y-range parameter, the value is written to a gnuplot file in the /tmp directory, and that file is then executed by the mygnuplot.sh shell script. This vulnerability can have serious consequences for any OpenTSDB deployment.
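A defensive check for the flow described above, as an added example that is not part of the original page or of OpenTSDB: it scans web access log lines for graph requests whose range value is anything other than a plain numeric [min:max]. The /q path, the yrange query-string spelling of the y-range parameter, the log format and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Strict allowlist for an axis range: "[min:max]", numeric bounds, either optional.
RANGE_RE = re.compile(r"\[(-?\d+(\.\d+)?)?:(-?\d+(\.\d+)?)?\]")
# Assumed query-string name of the page's "y-range" parameter.
RANGE_PARAM = "yrange"
# Request line of a common/combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')


def is_safe_range(value: str) -> bool:
    """True only if the decoded value is a purely numeric [min:max] range."""
    return RANGE_RE.fullmatch(value) is not None


def suspicious_requests(log_lines):
    """Return (line_no, decoded_value) for every range value outside the allowlist."""
    hits = []
    for line_no, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        # parse_qs percent-decodes values, so encoded brackets are compared decoded.
        query = parse_qs(urlsplit(match.group(1)).query, keep_blank_values=True)
        for value in query.get(RANGE_PARAM, []):
            if not is_safe_range(value):
                hits.append((line_no, value))
    return hits


# Constructed sample log lines (documentation addresses, placeholder value).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2021:10:00:00 +0000] "GET /q?start=1h-ago'
    '&m=sum:sys.cpu.user&yrange=%5B0%3A100%5D HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2021:10:00:05 +0000] "GET /q?start=1h-ago'
    '&m=sum:sys.cpu.user&yrange=%5B0%3A%5D HTTP/1.1" 200 498',
    '192.0.2.12 - - [01/Jan/2021:10:00:09 +0000] "GET /q?start=1h-ago'
    '&m=sum:sys.cpu.user&yrange=%5B0%3ANON_NUMERIC_PLACEHOLDER%5D HTTP/1.1" 200 0',
    '192.0.2.13 - - [01/Jan/2021:10:00:12 +0000] "GET /api/version HTTP/1.1" 200 120',
]

if __name__ == "__main__":
    for line_no, value in suspicious_requests(SAMPLE_LOG):
        print(f"line {line_no}: non-numeric range value {value!r}")
```

The same allowlist can be applied at a reverse proxy in front of the service, rejecting any request whose range value fails `is_safe_range` before it reaches the graphing code.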

When exploited, this vulnerability allows attackers to remotely execute arbitrary code on the system running OpenTSDB. This means they can essentially take control of the whole system and access sensitive data. Moreover, the attacker can use this foothold to carry out additional attacks such as data theft, DDoS, or installing malware on the system. Cybercriminals are actively searching for non-hardened digital assets and, as such, OpenTSDB is becoming an attractive target.

Securityforeveryone.com is a platform that provides pro-level security services to protect digital assets. One of its core features is automated scanning of digital assets for vulnerabilities. By using this platform, users can easily identify the vulnerabilities in their digital assets and take the necessary actions to protect themselves. They can also get specific recommendations from the platform on how to fix any vulnerability that is potentially hazardous. With securityforeveryone.com, users can rest easy knowing that their digital assets are constantly monitored for any threats.

 
