This security bulletin contains one high risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
licenseUpload.php in Centreon Web before 2.8.27 allows attackers to upload arbitrary files via a POST request.Mitigation
Install update from vendor's website.Vulnerable software versions
Centreon: 2.8.0 - 2.8.26
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?