Centreon, a free and open source IT and application monitoring software, is vulnerable to an OS command injection vulnerability in /graphStatus/displayServiceStatus.php in Centreon version 19.10.8. A remote attacker can exploit this vulnerability to execute arbitrary OS commands via shell metacharacters in the RRDdatabase_path parameter.
CPE | Name | Operator | Version |
---|---|---|---|
centreon centreon | eq | 19.10.8 |