CVE-2026-2750

CRITICAL

Centreon Open Tickets <25.10 - Input Validation

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2026-2750. PoCs published by hakaioffsec, XZ1r0.

AI-analyzed exploit summary: The repository contains functional exploit code for multiple Centreon vulnerabilities (CVE-2026-2749, CVE-2026-2750, CVE-2026-2751), including path traversal leading to RCE, command injection via CLAPI, and blind SQL injection. Each exploit is well-structured with clear arguments, session handling, and verification steps.

Description

Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules). This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10; 24.04.

Exploits (2)

github WORKING POC 9 stars
by hakaioffsec · python · poc
https://github.com/hakaioffsec/Centreon-Exploits-2026

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Centreon <= 25.10.6
Auth required
Prerequisites: valid PHPSESSID cookie · network access to target
devstral-2 · analyzed May 01, 2026

github WORKING POC
by XZ1r0 · python · poc
https://github.com/XZ1r0/cve-2026-poc-collection/tree/main/other/Centreon-Exploits-2026/CVE-2026-2750

This Python script exploits CVE-2026-2750, a command injection vulnerability in Centreon's CLAPI generatetraps functionality. It uploads a malicious MIB file via the open-tickets module and triggers command execution through the CLAPI endpoint.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Centreon <= 25.10.6
Auth required
Prerequisites: valid PHPSESSID cookie · access to Centreon web interface
devstral-2 · analyzed May 21, 2026

Scores

CVSS v3 9.1
EPSS 0.0030
EPSS Percentile 21.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE CWE-20
Status published
Products (2)
Centreon/Centreon Open Tickets on Central Server all - 25.10; 24.10; 24.04
centreon/web < 24.04.24
Published Feb 27, 2026
Tracked Since Feb 27, 2026