Centreon Web Interface 2.5.3 Command Execution
Posted by deepcore on July 28, 2016 – 6:06 am
Centreon Web Interface versions 2.5.3 and below utilize an ECHO for logging SQL errors. This functionality can be abused for arbitrary code execution, and can be triggered via the login screen prior to authentication.
Post a reply
You must be logged in to post a comment.