← voltar
CVE-2020-13252

CVE-2020-13252

EPSS 5.4%
Centreon before 19.04.15 allows remote attackers to execute arbitrary OS commands by placing shell metacharacters in RRDdatabase_status_path (via a main.get.php request) and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://engindemirbilek.github.io/centreon-19.10-rcehttps://github.com/centreon/centreon/compare/19.04.13...19.04.15https://github.com/centreon/centreon/pull/8467https://github.com/EnginDemirbilek/EnginDemirbilek.github.io/blob/master/centreon-19.10-rce.html