Opsview Monitor testnotification Remote OS Command Injection Exploit

Opsview Web Management console allows to an authenticated administrator to test notifications that are triggered under certain configurable events. The 'value' parameter is not properly sanitized, leading to an arbitrary command injection executed on the system with nagios user privileges.
Platform: 
Vulnerabilty ID: 
CVE-2018-16146
Released Date: 
Monday, September 3, 2018 - 19:00