CVE-2020-13252

2020-05-21T04:15:00
ID CVE-2020-13252
Type cve
Reporter cve@mitre.org
Modified 2020-05-21T14:18:00

Description

Centreon before 19.04.15 allows remote attackers to execute arbitrary OS commands by placing shell metacharacters in RRDdatabase_status_path (via a main.get.php request) and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page.