![]() Note that the commands are executed as the user running the Netdata Agent. By providing a specially crafted `registry_hostname` as part of the health data that is streamed to a Netdata (parent) agent, an attacker can execute arbitrary commands at the remote host as a side-effect of the raised alert. One of them is the `registry_hostname` of the node for which the alert is raised. This command is populated with several arguments that are not sanitized. This function performs different checks and then enqueues a command by calling `spawn_enq_cmd`. When an alert is triggered, the function `health_alarm_execute` is called. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. Netdata is an open source option for real-time infrastructure monitoring and troubleshooting.
0 Comments
Leave a Reply. |