CVE-2025-5965

Name of the Vulnerable Software and Affected Versions Centreon Infra Monitoring versions 25.10.0 through 25.10.1 Centreon Infra Monitoring versions 24.10.0 through 24.10.14 Centreon Infra Monitoring versions 24.04.0 through 24.04.18

Description A flaw exists in the backup parameters of Centreon Infra Monitoring where a user with high privileges can append custom instructions to the backup configuration. This can lead to OS Command Injection due to improper neutralization of special elements used in OS commands. The issue is present in the backup configuration within the administration setup modules.

Recommendations Update Centreon Infra Monitoring to version 25.10.2 or later. Update Centreon Infra Monitoring to version 24.10.15 or later. Update Centreon Infra Monitoring to version 24.04.19 or later.