CVE-2019-19699

HIGH

Centreon Infrastructure Monitoring Software <19.10 - Authenticated RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-19699. PoCs published by SpengeSec.

AI-analyzed exploit summary This repository contains a functional Python exploit for CVE-2019-19699, an authenticated remote code execution vulnerability in Centreon <= 19.10. The exploit automates the process of creating a malicious post-restart command to achieve a reverse shell.

Description

There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. To exploit the vulnerability, someone must have Admin access to the Centreon Web Interface and create a custom main.php?p=60803&type=3 command. The user must then set the Pollers Post-Restart Command to this previously created command via the main.php?p=60901&o=c&server_id=1 URI. This is triggered via an export of the Poller Configuration.

Exploits (1)

nomisec WORKING POC 3 stars

by SpengeSec · poc

https://github.com/SpengeSec/CVE-2019-19699

View Code ZIP pw:eip

This repository contains a functional Python exploit for CVE-2019-19699, an authenticated remote code execution vulnerability in Centreon <= 19.10. The exploit automates the process of creating a malicious post-restart command to achieve a reverse shell.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Centreon <= 19.10

Auth required

Prerequisites: Valid Centreon credentials · Network access to the target · Listener set up for reverse shell

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (5)

Core 5

Core References

Vendor Advisory x_refsource_misc

https://download.centreon.com/

Vendor Advisory x_refsource_misc

https://www.centreon.com/

Third Party Advisory x_refsource_misc

https://twitter.com/SpengeSec/status/1204418071764463618

Third Party Advisory x_refsource_misc

https://spenge.pw/cves/

Exploit, Third Party Advisory x_refsource_misc

https://github.com/SpengeSec/CVE-2019-19699

Scores

CVSS v3 7.2

EPSS 0.0891

EPSS Percentile 92.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-269

Status published

Products (1)

centreon/centreon < 19.10

Published Apr 06, 2020

Tracked Since Feb 18, 2026