Vulnerability identifier: #VU35769
Vulnerability risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-77
Exploitation vector: Network
Exploit availability: Yes
Vulnerable software:
Centreon
Web applications /
Remote management & hosting panels
Vendor: Centreon
Description
The vulnerability allows a remote authenticated user to execute arbitrary code.
Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web before 2.8.29 allows the attacker to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command into the database, and execute it by calling the vulnerable page www/include/configuration/configGenerate/xml/generateFiles.php (which passes the inserted value to the database to shell_exec without sanitizing it, allowing one to execute system arbitrary commands).
Mitigation
Install update from vendor's website.
Vulnerable software versions
Centreon: 19.04.0
External links
http://packetstormsecurity.com/files/153504/Centreon-19.04-Remote-Code-Execution.html
http://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10/centreon-18.10.6.html
http://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.04/centreon-19.04.3.html
http://gist.github.com/mhaskar/c4255f6cf45b19b8a852c780f50576da
http://github.com/centreon/centreon/pull/7694
http://shells.systems/centreon-v19-04-remote-code-execution-cve-2019-13024/
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.