CVE-2025-3872

🗓️ 24 Apr 2025 09:19:33Reported by CentreonType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 50 Views

Privilege escalation in Centreon via SQL Injection in contact form due to payload alteration.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-3872	24 Apr 202510:08	–	circl
CNNVD	Centreon 安全漏洞	24 Apr 202500:00	–	cnnvd
Cvelist	CVE-2025-3872 Privilege escalation by altering payload in contact form	24 Apr 202509:19	–	cvelist
EUVD	EUVD-2025-12118	3 Oct 202520:07	–	euvd
NVD	CVE-2025-3872	24 Apr 202510:15	–	nvd
OSV	CVE-2025-3872 Privilege escalation by altering payload in contact form	24 Apr 202509:19	–	osv
Positive Technologies	PT-2025-17722 · Centreon · Centreon Web	24 Apr 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-3872	26 Apr 202510:13	–	redhatcve
Vulnrichment	CVE-2025-3872 Privilege escalation by altering payload in contact form	24 Apr 202509:19	–	vulnrichment

NVD

Node

centreon centreon_webRange22.10.0–22.10.28

centreon centreon_webRange23.04.0–23.04.25

centreon centreon_webRange23.10.0–23.10.20

centreon centreon_webRange24.04.0–24.04.10

centreon centreon_webRange24.10.0–24.10.4

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "User configuration form"
    ],
    "packageName": "centreon-web",
    "product": "Centreon",
    "vendor": "Centreon",
    "versions": [
      {
        "lessThan": "22.10.28",
        "status": "affected",
        "version": "22.10.0",
        "versionType": "semver"
      },
      {
        "lessThan": "23.04.25",
        "status": "affected",
        "version": "23.04.0",
        "versionType": "semver"
      },
      {
        "lessThan": "23.10.20",
        "status": "affected",
        "version": "23.10.0",
        "versionType": "semver"
      },
      {
        "lessThan": "24.04.10",
        "status": "affected",
        "version": "24.04.0",
        "versionType": "semver"
      },
      {
        "lessThan": "24.10.4",
        "status": "affected",
        "version": "24.10.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
github	www.github.com/centreon/centreon/releases
thewatch	www.thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55571-centreon-web-high-severity-4496

22 Oct 2025 14:10Current

7.3High risk

Vulners AI Score7.3

CVSS 3.17.2

EPSS0.00121

SSVC

CWE-89