exploitDog

CVE-2019-17501

Опубликовано: 14 окт. 2019

Источник: nvd

CVSS3: 8.8

CVSS2: 9

EPSS Низкий

Описание

Centreon 19.04 allows attackers to execute arbitrary OS commands via the Command Line field of main.php?p=60807&type=4 (aka the Configuration > Commands > Discovery screen). CVE-2019-17501 and CVE-2019-16405 are similar to one another and may be the same.

Ссылки

https://gist.github.com/sinfulz/ef49270e245df050af59cc3dd3eefa6b
Exploit
Third Party Advisory
https://gist.github.com/sinfulz/ef49270e245df050af59cc3dd3eefa6b
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:centreon:centreon:19.04.0:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00466

Низкий

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-w98j-cfw5-wc5f

github

больше 3 лет назад

Centreon 19.04 allows attackers to execute arbitrary OS commands via the Command Line field of main.php?p=60807&type=4 (aka the Configuration > Commands > Discovery screen).

EPSS

Процентиль: 64%

0.00466

Низкий

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-78