CVE-2021-32099

CRITICAL

Artica Pandora FMS 742 - Unauthenticated SQL Injection via session_id Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2021-32099. PoCs published by magicrc.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2021-32099, which leverages a SQL injection vulnerability in Pandora FMS to bypass authentication and upload a reverse shell for remote code execution.

Description

A SQL injection vulnerability in the pandora_console component of Artica Pandora FMS 742 allows an unauthenticated attacker to upgrade his unprivileged session via the /include/chart_generator.php session_id parameter, leading to a login bypass.

Exploits (4)

nomisec WORKING POC
by magicrc · poc
https://github.com/magicrc/CVE-2021-32099

This repository contains a functional exploit for CVE-2021-32099, which leverages a SQL injection vulnerability in Pandora FMS to bypass authentication and upload a reverse shell for remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Pandora FMS 742
No auth needed
Prerequisites: Network access to the target Pandora FMS instance · A reachable listener for the reverse shell
devstral-2 · analyzed Feb 18, 2026 Full analysis →
inthewild WORKING POC
poc
https://github.com/zjicmdarkwing/cve-2021-32099

The repository contains a functional SQL injection (SQLi) proof-of-concept for CVE-2021-32099, targeting Pandora FMS 742. The exploit leverages a union-based SQLi in the `chart_generator.php` endpoint to manipulate session data and potentially escalate privileges.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Pandora FMS 742
No auth needed
Prerequisites: Access to the target's `chart_generator.php` endpoint
devstral-2 · analyzed Feb 23, 2026 Full analysis →
inthewild WRITEUP
poc
https://github.com/l3eol3eo/cve-2021-32099_sqli

This repository provides a detailed technical analysis of CVE-2021-32099, a SQL injection vulnerability in Pandora FMS v7.0NG.742_FIX_PERL2020. It includes root cause analysis, code snippets, and a proof-of-concept payload for bypassing authentication via session manipulation.

Classification
Writeup 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: Pandora FMS v7.0NG.742_FIX_PERL2020
No auth needed
Prerequisites: Access to the target endpoint · SQL injection payload crafting
devstral-2 · analyzed Feb 23, 2026 Full analysis →
inthewild WORKING POC
poc
https://github.com/ibnuuby/cve-2021-32099

This repository contains a functional proof-of-concept for CVE-2021-32099, a SQL injection vulnerability in Pandora FMS. The exploit leverages a UNION-based SQLi in the chart_generator.php endpoint to inject a serialized PHP session containing admin credentials.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Pandora FMS 7.42
No auth needed
Prerequisites: Access to the Pandora FMS web interface
devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 9.8
EPSS 0.6187
EPSS Percentile 98.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
artica/pandora_fms 742
Published May 07, 2021
Tracked Since Feb 18, 2026