1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Centreon Web Interface Remote Code Execution

Attack: Centreon Web Interface Remote Code Execution

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

An attacker can execute arbitrary system commands within the context of the affected application.

Additional Information

Centreon is a monitoring software.

Centreon is prone to a remote command-execution vulnerability that affects the Web Interface. Specifically, this issue occurs because it fails to properly use the ECHO command for logging SQL errors functionality.

An attacker can execute arbitrary system commands within the context of the affected application.

Affected

  • Centreon 2.5.3 and prior are vulnerable.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube