Centreon version 2.5.1 and Centreon Enterprise Server version 2.2 contain multiple vulnerabilities.
CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') - CVE-2014-3829
Centreon version 2.5.1 and Centreon Enterprise Server version 2.2 are vulnerable to command injection due to unsafe handling of session_id and template_id variables in displayServiceStatus.php and insufficient filtering on the command_line variable. The underlying operating system is then able to interpolate special characters, allowing for arbitrary commands to be injected.
A remote unauthenticated attacker may be able to execute arbitrary OS and SQL commands.
The CERT/CC is currently unaware of a practical solution to this problem.
Thanks to Tod Beardsley of Rapid7 for reporting this vulnerability and MaZ for the original vulnerability discovery.
This document was written by Chris King.