CVE-2026-2751

HIGH

Centreon Web <25.10.8 - Blind SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2026-2751. PoCs published by hakaioffsec, XZ1r0.

AI-analyzed exploit summary: The repository contains functional exploit code for multiple Centreon vulnerabilities (CVE-2026-2749, CVE-2026-2750, CVE-2026-2751), including path traversal to RCE, command injection via CLAPI, and blind SQL injection. Each exploit is well-structured with clear arguments and verification steps.

Description

Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection. This issue affects Centreon Web on Central Server before 25.10.8, 24.10.20, 24.04.24.

Exploits (2)

GitHub · WORKING POC · 9 stars
by hakaioffsec · python · poc
https://github.com/hakaioffsec/Centreon-Exploits-2026

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Centreon <= 25.10.6
Auth required
Prerequisites: valid PHPSESSID cookie · network access to target
devstral-2 · analyzed May 01, 2026

GitHub · WORKING POC
by XZ1r0 · python · poc
https://github.com/XZ1r0/cve-2026-poc-collection/tree/main/other/Centreon-Exploits-2026/CVE-2026-2751

This is a functional blind SQL injection exploit for Centreon <= 25.10.6 (CVE-2026-2751). It leverages unsanitized array keys in Service Dependencies to extract data via time-based SQLi, supporting both credential dumping and custom query execution.

Classification: Working PoC 100%
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: Centreon <= 25.10.6
Auth required
Prerequisites: valid PHPSESSID cookie · access to Centreon web interface
devstral-2 · analyzed May 21, 2026

Scores

CVSS v3: 8.3
EPSS: 0.0027
EPSS Percentile: 18.5%
Attack Vector: NETWORK
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total

Details

CWE: CWE-89
Status: published
Products (1): centreon/centreon_web 24.04.0 - 24.04.24
Published: Feb 27, 2026
Tracked Since: Feb 27, 2026