Christophe De La Fuente

**Name of the Vulnerable Software and Affected Versions** Merethis Centreon versions prior to 2.3.2 **Description** The issue allows remote authenticated users to execute arbitrary commands. This is achieved by exploiting a directory traversal vulnerability in the `main.php` file. The vulnerability can be triggered by including a `..` (dot dot) in the `command name` parameter. **Recommendations** For versions prior to 2.3.2, update to version 2.3.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `main.php` file or limiting the use of the `command name` parameter to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** Merethis Centreon versions prior to 2.3.2 **Description** The issue concerns the calculation of a password hash in the `www/include/configuration/nconfigObject/contact/DB-Func.php` file. Specifically, it does not utilize a salt, making it easier for attackers to determine cleartext passwords via a rainbow-table approach. **Recommendations** For versions prior to 2.3.2, update to version 2.3.2 or later to resolve the issue. As a temporary workaround, consider implementing additional security measures to protect against rainbow-table attacks, such as using a web application firewall or restricting access to sensitive areas of the application.