CVE-2017-6188

Published February 22nd, 2017

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

1.9

LOW

Affected

PROJECT

Description

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user.

munin-monitoring/munin

Main repository for munin master / node / plugins

GitHub

2.13K