cbcvebase.
CVE-2012-3513
published 2012-11-21

CVE-2012-3513: munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in…

PriorityP348critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
2.37%
81.7th percentile
munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command.

Affected

25 ranges
VendorProductVersion rangeFixed in
debianmunin< munin 2.0.6-1 (bookworm)munin 2.0.6-1 (bookworm)
munin-monitoringmunin<= 2.0.5
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin
munin-monitoringmunin>= 0 < 2.0.6-12.0.6-1
munin-monitoringmunin>= 0 < 2.0.6-12.0.6-1
munin-monitoringmunin>= 0 < 2.0.6-12.0.6-1
munin-monitoringmunin>= 0 < 2.0.6-12.0.6-1

CVSS provenance

nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv9.3CRITICAL
vendor_debian9.3CRITICAL
vendor_ubuntu1.2LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.