U32I@Proton.Me

**Name of the Vulnerable Software and Affected Versions** Pandora FMS versions 700 through 776 **Description** The issue is related to system command injection through the Netflow function due to improper input validation, allowing attackers to execute arbitrary system commands. **Recommendations** For Pandora FMS versions 700 through 776, update to a version that includes proper input validation for the Netflow function to prevent system command injection. As a temporary workaround, consider restricting access to the Netflow function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Pandora FMS versions 700 through 776 **Description** The issue allows unauthenticated attackers to execute arbitrary code on the server through Argument Injection Leading to Remote Code Execution in the Realtime Graph Extension. **Recommendations** For Pandora FMS versions 700 through 776, update to a version that is not affected by this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.