Strike ID:
E19-7p341
CVSS:
9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
False Positive:
t
Variants:
4
Year:
2019

Description

An OS command injection exists in Centreon 19.04.0 due to lack of sanitization when the nagios binary path is set. By exploiting this flaw, an authenticated remote attacker can run arbitrary OS commands on the target system.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}