CVE-2013-3632

HIGH

openmediavault - Authenticated Remote Code Execution via Cron Service Username Parameter

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2013-3632. PoCs published by Metasploit, including Metasploit module exploits/unix/webapp/openmediavault_auth_cron_rce.

AI-analyzed exploit summary This Metasploit module exploits CVE-2013-3632 in OpenMediaVault by authenticating as a user and creating a cron job as root to execute arbitrary commands. The exploit leverages the cron job functionality to achieve remote command execution.

Description

The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotelinux

https://www.exploit-db.com/exploits/29323

View Code ZIP pw:eip

This Metasploit module exploits CVE-2013-3632 in OpenMediaVault by authenticating as a user and creating a cron job as root to execute arbitrary commands. The exploit leverages the cron job functionality to achieve remote command execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: OpenMediaVault

Auth required

Prerequisites: Valid credentials for OpenMediaVault · Network access to the target

MITRE ATT&CK

T1053.003 - Cron T1078 - Valid Accounts

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/openmediavault_auth_cron_rce.rb

View Code ZIP pw:eip

This Metasploit module exploits an authenticated RCE vulnerability in OpenMediaVault by abusing the cron job functionality via rpc.php to execute arbitrary commands as root. It supports multiple versions and includes options for persistent payloads.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: OpenMediaVault (all versions up to 7.4.2-2)

Auth required

Prerequisites: Valid OpenMediaVault credentials · Network access to the rpc.php endpoint

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1053 - Scheduled Task/Job

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Exploit x_refsource_misc

https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats

Exploit, Third Party Advisory

https://packetstormsecurity.com/files/179859

Third Party Advisory x_refsource_misc

https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/62873

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/29323

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/99143

Scores

CVSS v3 8.8

EPSS 0.5684

EPSS Percentile 98.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-264

Status published

Products (1)

openmediavault/openmediavault

Published Sep 29, 2014

Tracked Since Feb 18, 2026