Arbitrary Command Execution Vulnerability in OpenMediaVault's Cron Service

CVE-2013-3632 · HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2013-3632

The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.

Learn more about our User Device Pen Test.