CVE-2015-1561

2015-07-14T12:59:01
ID CVE-2015-1561
Type cve
Reporter NVD
Modified 2015-07-14T14:04:00

Description

The escape_command function in include/Administration/corePerformance/getStats.php in Centreon (formerly Merethis Centreon) 2.5.4 and earlier uses an incorrect regular expression, which allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ns_id parameter.