HTTP: Centreon init_script Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Centreon. A successful attack can lead to arbitrary code execution.

Extended Description

Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web before 2.8.29 allows the attacker to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command into the database, and execute it by calling the vulnerable page www/include/configuration/configGenerate/xml/generateFiles.php (which passes the inserted value to the database to shell_exec without sanitizing it, allowing one to execute system arbitrary commands).

Affected Products

Centreon centreon

References

CVE: CVE-2019-13024

URL: https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10/centreon-18.10.6.html https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.04/centreon-19.04.3.html

Short Name

HTTP:PHP:CENTREON-RCE

Severity

Critical

Recommended

False

Recommended Action

Drop

HTTP: Centreon init_script Remote Code Execution

Extended Description

Affected Products

References

Found a potential security threat?