4 matches found
CVE-2020-22345
/graphStatus/displayServiceStatus.php in Centreon 19.10.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the RRDdatabasepath parameter...
CVE-2020-22345
/graphStatus/displayServiceStatus.php in Centreon 19.10.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the RRDdatabasepath parameter...
CVE-2020-22345
CVE-2020-22345 affects Centreon 19.10.8. The flaw is an OS command injection in the web interface: /graphStatus/displayServiceStatus.php accepts shell metacharacters in the RRDdatabase_path parameter, enabling remote command execution. Multiple connected sources (Red Hat advisory, OSV, CNVD/CNNVD...
Centreon RRDdatabase_status_path Command Injection (CVE-2020-13252; CVE-2020-22345)
A command injection vulnerability exists in the Centreon Web Application. The vulnerability is due to improper validation of the RRDdatabasestatuspath parameter in an HTTP request...