CVE-2015-1561

Centreon <2.5.4 - Command Injection

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-1561. PoCs published by Huy-Ngoc DAU.

AI-analyzed exploit summary: The document describes two vulnerabilities in Centreon 2.5.4 and prior: an unauthenticated blind SQL injection (CVE-2015-1560) and an authenticated remote command execution (CVE-2015-1561). It includes PoC URLs for both vulnerabilities, demonstrating how an attacker can exploit them to gain control of the web server.

Description

The escape_command function in include/Administration/corePerformance/getStats.php in Centreon (formerly Merethis Centreon) 2.5.4 and earlier (fixed in Centreon 19.10.0) uses an incorrect regular expression, which allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ns_id parameter.

Exploits (1)

exploitdb WRITEUP
by Huy-Ngoc DAU · text · webapps · php
https://www.exploit-db.com/exploits/37528

Classification: Writeup 100%
Attack Type: SQLi | RCE
Complexity: Moderate
Reliability: Reliable
Target: Merethis Centreon 2.5.4 and prior
No auth needed
Prerequisites: Network access to the target · Valid session_id for RCE
devstral-2 · analyzed Feb 16, 2026

Scores

EPSS 0.0524
EPSS Percentile 90.2%

Details

CWE: CWE-77
Status: published
Products (2)
centreon/centreon < 2.5.4
centreon/centreon 0 - 2.8.28 (Packagist)
Published Jul 14, 2015
Tracked Since Feb 18, 2026