centreon/centreon is a network, system, applicative supervision and monitoring tool.
Affected versions of this package are vulnerable to Command Injection. An authenticated command injection is present in the page
include/configuration/configObject/traps-mibs/formMibs.php. This page is called from the Centreon administration interface. This is the mibs management feature that contains a file filing form. At the time of submission of a file, the
mnftr parameter is sent to the page and is not filtered properly, allowing injection of commands.
centreon/centreon to version 19.10.2, 18.10.8, 2.8.30, 19.4.5 or higher.