Centreon is a suite of enterprise monitoring products written in PHP.
A command injection vulnerability in the Centreon web interface allows remote attackers to execute arbitrary commands by sending a specially crafted
**useralias** parameter in a POST request. The commands are executed when the error triggered by the request is written to a log file by the
Upgrade to Centreon 2.5.4 or higher.