CVE-2019-17501
HIGHCentreon 19.04 - OS Command Injection via Command Line Field
Title source: llmDescription
Centreon 19.04 allows attackers to execute arbitrary OS commands via the Command Line field of main.php?p=60807&type=4 (aka the Configuration > Commands > Discovery screen). CVE-2019-17501 and CVE-2019-16405 are similar to one another and may be the same.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://gist.github.com/sinfulz/ef49270e245df050af59cc3dd3eefa6b
Scores
CVSS v3
8.8
EPSS
0.0248
EPSS Percentile
82.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (1)
centreon/centreon
19.04.0
Published
Oct 14, 2019
Tracked Since
Feb 18, 2026