Multiple vulnerabilities in Centreon
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2019-17501 CVE-2019-13024 |
| CWE-ID | CWE-78 CWE-77 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software Subscribe |
Centreon Web applications / Remote management & hosting panels |
| Vendor | Centreon |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) OS Command Injection
EUVDB-ID: #VU35158
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-17501
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to execute arbitrary code.
Centreon 19.04 allows attackers to execute arbitrary OS commands via the Command Line field of main.php?p=60807&type=4 (aka the Configuration > Commands > Discovery screen). CVE-2019-17501 and CVE-2019-16405 are similar to one another and may be the same.
MitigationInstall update from vendor's website.
Vulnerable software versionsCentreon: 19.04.0
External linkshttp://gist.github.com/sinfulz/ef49270e245df050af59cc3dd3eefa6b
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Command Injection
EUVDB-ID: #VU35769
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-13024
CWE-ID:
CWE-77 - Command injection
Exploit availability: Yes
DescriptionThe vulnerability allows a remote authenticated user to execute arbitrary code.
Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web before 2.8.29 allows the attacker to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command into the database, and execute it by calling the vulnerable page www/include/configuration/configGenerate/xml/generateFiles.php (which passes the inserted value to the database to shell_exec without sanitizing it, allowing one to execute system arbitrary commands).
MitigationInstall update from vendor's website.
Vulnerable software versionsCentreon: 19.04.0
External linkshttp://packetstormsecurity.com/files/153504/Centreon-19.04-Remote-Code-Execution.html
http://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10/centreon-18.10.6.html
http://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.04/centreon-19.04.3.html
http://gist.github.com/mhaskar/c4255f6cf45b19b8a852c780f50576da
http://github.com/centreon/centreon/pull/7694
http://shells.systems/centreon-v19-04-remote-code-execution-cve-2019-13024/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
