[Xymon] Remote Code execution
John Thurston
john.thurston at alaska.gov
Tue Oct 12 19:10:13 CEST 2021
On 10/12/2021 6:11 AM, Christoph Zechner wrote:
> after reading an old thread about remote code execution on here [1], I
> wondered if something like this is still possible nowadays with xymon?
Last time I looked, the Xymon client software permitted execution of
arbitrary code supplied from the Xymon server. This default behavior
could be changed by flipping a switch in the client's configuration (uh
huh. Yeah, sure).
I have never considered this to be a "feature".
--
Do things because you should, not just because you can.
John Thurston 907-465-8591
John.Thurston at alaska.gov
Department of Administration
State of Alaska
More information about the Xymon
mailing list