CVE-2024-12992

Name of the Vulnerable Software and Affected Versions Pandora FMS versions 700 through 777.6

Description The issue is related to improper neutralization of special elements used in a command, which allows OS command injection via remote code execution (RCE). This enables an attacker to inject system commands, potentially leading to unauthorized access or control.

Recommendations For Pandora FMS versions 700 through 777.6, consider disabling any functionality that allows remote command execution until a patch is available. Restrict access to sensitive areas of the system to minimize the risk of exploitation. Avoid using any features that may be vulnerable to OS command injection until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.