CVE-2024-5725

high-risk

Published 2024-08-21

Centreon initCurveList SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the initCurveList function. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the apache user. Was ZDI-CAN-22683.

Do I need to act?

51.3% chance of exploitation in next 30 days

EPSS score — higher than 49% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (1)

Centreon Web

Affected Vendors

Centreon

References (2)

Third Party Advisory https://www.zerodayinitiative.com/advisories/ZDI-24-597/

Patch https://thewatch.centreon.com/latest-security-bulletins-64/security-bulletin-for...

/ 100

high-risk

Severity 30/34 · Critical

Exploitability 18/34 · Moderate

Exposure 5/34 · Minimal