Opendcim

3 CVEs for this product


CVE-2026-28517 | CRITICAL | PoC available | Patch available | Priority: Act Now

OS command injection in openDCIM 23.04 through commit 4467e9c4 via report_network_map.php allows authenticated users to execute arbitrary commands. EPSS 0.57% with PoC and patch available.

Tags: PHP, Command Injection, Opendcim
References: NVD, GitHub
CVSS 3.1: 9.8
EPSS: 0.6%
CVE-2026-28516 | HIGH | PoC available | Patch available | Priority: This Week

Authenticated users can execute arbitrary SQL commands against openDCIM 23.04 and earlier through unsanitized input in the Config::UpdateParameter function, enabling complete database compromise. The vulnerability exists in install.php and container-install.php handlers that pass user input directly into SQL queries without prepared statements. Public exploit code is available for this SQL injection vulnerability affecting PHP-based deployments.

Tags: PHP, SQLi, Opendcim
References: NVD, GitHub
CVSS 3.1: 8.8
EPSS: 0.0%
CVE-2026-28515 | HIGH | PoC available | Patch available | Priority: This Week

OpenDCIM through version 23.04 fails to enforce authorization checks in its installation and upgrade handlers, allowing any authenticated user to modify LDAP configuration settings regardless of their assigned roles. Public exploit code exists for this vulnerability, and in deployments where REMOTE_USER authentication is not enforced, unauthenticated attackers may also access these administrative functions. An attacker can exploit this to alter application configuration and potentially compromise directory services integration.

Tags: PHP, LDAP, Opendcim
References: NVD, GitHub
CVSS 3.1: 8.8
EPSS: 0.2%
