CVE-2013-3632

high

Description

The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.

References

https://packetstormsecurity.com/files/179859

http://www.securityfocus.com/bid/62873

http://www.exploit-db.com/exploits/29323

http://osvdb.org/99143

Details

Source: Mitre, NVD

Published: 2014-09-29

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.56838