CVE-2026-2749

CRITICAL LAB

Centreon Open Tickets <25.10.3 - Path Traversal

Title source: manual

Description

Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centroen Open Ticket modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10.3, 24.10.8, 24.04.7.

Exploits (2)

nomisec WORKING POC 2 stars

by hakaioffsec · poc

https://github.com/hakaioffsec/Centreon-Exploits-2026

View Code ZIP pw:eip

github WORKING POC 1 stars

by exploitintel · pythonpoc

https://github.com/exploitintel/eip-pocs-and-cves/tree/main/CVE-2026-2749

View Code ZIP pw:eip

References (1)

[Various Sources] https://thewatch.centreon.com/latest-security-bulletins-64/cve-2026-2749-centreon-open-tickets-critical-severity-5493

Scores

CVSS v3 9.9

EPSS 0.0003

EPSS Percentile 7.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Lab Environment

vulnerable

docker pull ghcr.io/exploitintel/cve-2026-2749-vulnerable:latest

All Labs GitHub

Classification

Status draft

Timeline

Published Feb 27, 2026

Tracked Since Feb 27, 2026