Summary
Monitorix HTTP Server Remote Code Execution Vulnerability
Impact
Successful exploits will result in the execution of arbitrary commands in the context of the affected server.
Solution
Updates are available.
Insight
The handle_request() routine did not properly perform input sanitization which led into a number of security vulnerabilities.
Affected
Monitorix < 3.3.1
Detection
Send a special crafted HTTP GET request and check the response.
References
Updated on 2015-03-25
