Cybersecurity specialists reported the discovery of at least 15 flaws in Centreon, an open source solution for monitoring applications, systems and networks based on Nagios concepts. According to the report, successful exploitation of these flaws would allow the deployment of cross-site scripting (XSS) attacks, deserialization of unverified data, SQL injections, and other risk scenarios.
Below are brief descriptions of the reported flaws, in addition to their respective scores according to the Common Vulnerability Scoring System (CVSS). It should be noted that these flaws have not yet received CVE tracking keys.
- Improper debugging of user input in ACL resources would allow remote attackers to send specially crafted requests to the affected application and execute arbitrary SQL commands within the vulnerable application’s database. The flaw received a CVSS score of 8.5/10 and would allow remote attackers to read, delete, or modify sensitive data.
- Insufficient disinfection of user input on exporting reports would allow remote hackers to send a specially crafted request to the affected application and execute arbitrary SQL commands. The flaw received a score of 8.5/10.
- Improper disinfection of user input in the internal API broker configuration would allow threat actors to trick the victim into following a specially crafted link, leading to the execution of HTML code and arbitrary scripts in the target user’s browser. This flaw received a CVSS score of 5.3/10.
- Improper disinfection of user-provided data in the SNMP trap would allow remote hackers to trick the victim into following a specially crafted link in order to execute HTML code on the user’s website. The vulnerability received a CVSS score of 5.3/10.
- Improper disinfection of user-provided data in the internal API broker configuration would allow threat actors to trick the victim into following a specially crafted link, leading to the execution of HTML code and arbitrary scripts in the target user’s browser. The flaw received a score of 5.3/10.
- The vulnerability exists due to the improper sanitization of unserialize(), which would allow remote attackers to pass specially crafted data to the application and execute arbitrary code on the target system. The vulnerability received a CVSS score of 8.5/10.
- Improper debugging of unserialize() in the Centreon Broker wizard would allow remote threat actors to pass specially crafted data to the application and execute arbitrary code on the vulnerable system. The flaw received a CVSS score of 8.5/10.
- Insufficient disinfection of user input in Graph split would allow remote malicious hackers to send a specially crafted request to the affected application. The flaw received a score of 8.5/10 and its exploitation would allow arbitrary SQL commands to be executed within the application database.
- Insufficient disinfection of user input in ACL reloading would allow remote attackers to send specially crafted requests to the affected application and execute arbitrary SQL commands. The flaw received a score of 8.5/10.
- Improper infection of user input in Graph periods would allow malicious hackers to send specially crafted requests to the affected application and execute arbitrary SQL commands. The flaw received a CVSS score of 8.5/10.
- Insufficient disinfection of user input in Graph would allow remote attackers to send a specially crafted request to the affected application and execute arbitrary SQL commands on the target application. The flaw received a CVSS score of 8.5/10.
- Insufficient disinfection of user input in Graph allows remote attackers to send specially crafted requests to the affected application and execute arbitrary SQL commands. This vulnerability received a CVSS score of 8.5/10.
- Insufficient disinfection of user input in the survey form would allow remote hackers to send specially crafted requests to the affected application, allowing arbitrary SQL commands to be executed. The vulnerability received a score of 8.5/10.
- Insufficient debugging of user input in SNMP would allow remote attackers to send a specially crafted request to the affected application and execute arbitrary SQL commands. This vulnerability received a CVSS score of 8.5/10.
- Insufficient disinfection of user input on MediaWiki would allow remote attackers to send a specially crafted request to the affected application and execute arbitrary SQL commands. The flaw received a CVSS score of 8.5/10.
The flaws reside in the following versions of Centreon: 20.04.0, 20.04.2, 20.04.3, 20.04.4, 20.04.6, 20.04.7, 20.04.8, 20.04.9, 20.04.10, 20.04.11, 20.04.12, 20.04.13, 20.10.0, 20.10.1, 20.10.2, 20.10.3, 20.10.4, 20.10.5, 20.10.6, 20.10.7, 21.04.0 and 21.04.1.
While vulnerabilities can be exploited remotely by unauthenticated threat actors, so far no exploit attempts have been detected in real scenarios or the existence of a malware variant associated with the attack. Security patches that address these bugs are now available, so users of affected deployments are encouraged to update as soon as possible.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.