EPSS
Percentile
66.0%
Centreon Web is vulnerable to remote code execution (RCE). The attacker can inject malicious code through ns_id parameter in getStats.php.
ns_id
getStats.php
www.openwall.com/lists/oss-security/2019/10/09/2
github.com/centreon/centreon/commit/019249fdd36802c7ce9030bb0262da78c59276cd
github.com/centreon/centreon/pull/7083
github.com/centreon/centreon/pull/7271
www.openwall.com/lists/oss-security/2019/10/08/1