CVE-2019-16405
28Vexday Risk Score
Sin señal de explotación. Ella tiene prueba de concepto pública.
ssvc Attendepss 27%
de la publicación al arma0 días
Publicada en NVD21 nov
1ª PoC18 oct
probabilidad de explotación
27%top 2% de las CVE
explotación observada
noninguna fuente lo reporta
3 exploit(s) público(s)
Centreon Web before 2.8.30, 18.10.x before 18.10.8, 19.04.x before 19.04.5 and 19.10.x before 19.10.2 allows Remote Code Execution by an administrator who can modify Macro Expression location settings. CVE-2019-16405 and CVE-2019-17501 are similar to one another and may be the same.
Productos afectados
n/a · n/aPoCs públicas encontradas — 3
githubgithub.com/TheCyberGeek/CVE-2019-16405.rb★ 9cve_referencepacketstormsecurity.com/files/155999/Centreon-19.04-Remote-Code-Execution.htmlno verificadoexploitdbwww.exploit-db.com/exploits/47948no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
Referencias
http://packetstormsecurity.com/files/155999/Centreon-19.04-Remote-Code-Execution.htmlhttps://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10.htmlhttps://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.04.htmlhttps://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10.htmlhttps://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8.htmlhttps://github.com/centreon/centreon/pull/7864https://github.com/centreon/centreon/pull/7884https://github.com/TheCyberGeek/CVE-2019-16405.rbhttps://thecybergeek.co.uk/cves/2019/09/17/CVE-2019-16405-06.htmlhttps://thecybergeek.co.uk/cves/2019/09/19/CVEs.html