PT-2026-1289 · Centreon · Centreon Infra Monitoring

Marceloqj

Publicado

2026-01-05

Atualizado

2026-01-08

CVE-2025-15029

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Centreon Infra Monitoring versions 24.04.0 through 24.04.3 Centreon Infra Monitoring versions 24.10.0 through 24.10.3 Centreon Infra Monitoring versions 25.10.0 through 25.10.2

Description A flaw exists in Centreon Infra Monitoring (Awie export modules) that allows for SQL Injection. This issue can be exploited by an unauthenticated user. The vulnerability involves improper neutralization of special elements used in an SQL command. Exploitation could lead to full system compromise.

Recommendations Update Centreon Infra Monitoring to version 24.04.3 or later. Update Centreon Infra Monitoring to version 24.10.3 or later. Update Centreon Infra Monitoring to version 25.10.2 or later.

Exploit

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

BDU:2026-00666

CVE-2025-15029

Produtos afetados

Centreon Infra Monitoring

PT-2026-1289 · Centreon · Centreon Infra Monitoring

CVE-2025-15029

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12