cvedb.io
CVE-2023-22496
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2023-01-14T01:15:15.393 · Last modified 2026-06-17T05:35:35.213

Summary

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function `health_alarm_execute` is called. This function performs different checks and then enqueues a command by calling `spawn_enq_cmd`. This command is populated with several arguments that are not sanitized. One of them is the `registry_hostname` of the node for which the alert is raised. By providing a specially crafted `registry_hostname` as part of the health data that is streamed to a Netdata (parent) agent, an attacker can execute arbitrary commands at the remote host as a side-effect of the raised alert. Note that the commands are

Affected products

netdata — netdata

Does this affect you?

Add your gear to cvedb and we'll alert you only when netdata ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.