High severity8.8NVD Advisory· Published Sep 29, 2014· Updated May 6, 2026

CVE-2013-3632

Description

The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.

Affected products

Openmediavault/Openmediavault
cpe:2.3:a:openmediavault:openmediavault:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/29323nvdExploit
community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treatsnvdExploit
osvdb.org/99143nvd
www.securityfocus.com/bid/62873nvd
community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-onenvd
packetstormsecurity.com/files/179859nvd

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.063
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000