What is CVE-2012-0261?

CVE-2012-0261 is a vulnerability in Op5 Monitor, classified under Code Injection. Published 2013-12-31.

Is CVE-2012-0261 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Op5 Monitor

CVE-2012-0261

license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the timestamp parameter for an install action.

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.872 (99.5th percentile) — read the EPSS interpretation.

Affected products

Op5 Monitor — versions 5.3.5, 5.4.0, 5.4.2
Op5 System-portal
N/a — versions n/a

Weakness classification (CWE)

CWE-94 — Code Injection

Public proof-of-concept exploits

rapid7/metasploit-framework

References

cve@mitre.org (x_refsource_CONFIRM)
78064 (x_refsource_OSVDB, vdb-entry)
47417 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM)
20120107 OP5 Monitor - Multiple Vulnerabilities (mailing-list, x_refsource_FULLDISC)
cve@mitre.org (x_refsource_MISC)

Frequently asked questions

What is CVE-2012-0261?: CVE-2012-0261 is a vulnerability in Op5 Monitor, classified under Code Injection. Published 2013-12-31.
Is CVE-2012-0261 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.