{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-5946", "assignerOrgId": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7", "state": "PUBLISHED", "assignerShortName": "Centreon", "dateReserved": "2025-06-09T17:09:29.545Z", "datePublished": "2025-10-14T14:29:00.514Z", "dateUpdated": "2025-10-14T16:03:12.207Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["Poller reload setup in the configuration"], "product": "Infra Monitoring", "vendor": "Centreon", "versions": [{"lessThan": "24.10.13", "status": "affected", "version": "24.10.0", "versionType": "custom"}, {"lessThan": "24.04.18", "status": "affected", "version": "24.04.0", "versionType": "custom"}, {"lessThan": "23.10.28", "status": "affected", "version": "23.10.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "h00die-gr3y a.k.a. Hanko van Giessen"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Centreon </span><span style=\"background-color: rgb(255, 255, 255);\">Infra Monitoring </span><span style=\"background-color: rgb(255, 255, 255);\">(Poller reload setup in the configuration modules) allows OS Command Injection.</span><br><span style=\"background-color: rgb(255, 255, 255);\">On the poller parameters page, a user with high privilege is able to concatenate custom instructions into the poller reload command.</span>\n\n<p>This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from 24.04.0 before 24.04.18, from 23.10.0 before 23.10.28.</p>"}], "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Centreon Infra Monitoring (Poller reload setup in the configuration modules) allows OS Command Injection.\nOn the poller parameters page, a user with high privilege is able to concatenate custom instructions into the poller reload command.\n\nThis issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from 24.04.0 before 24.04.18, from 23.10.0 before 23.10.28."}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7", "shortName": "Centreon", "dateUpdated": "2025-10-14T14:29:00.514Z"}, "references": [{"tags": ["release-notes"], "url": "https://github.com/centreon/centreon/releases"}, {"tags": ["vendor-advisory"], "url": "https://thewatch.centreon.com/latest-security-bulletins-64/cve-2025-5946-centreon-web-all-versions-high-severity-5104"}], "source": {"discovery": "UNKNOWN"}, "title": "RCE via the poller reload feature available only to user with high privilege", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-14T16:03:02.831678Z", "id": "CVE-2025-5946", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-14T16:03:12.207Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-5946", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-10-14T16:03:02.831678Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-14T16:03:07.677Z"}}], "cna": {"title": "RCE via the poller reload feature available only to user with high privilege", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "h00die-gr3y a.k.a. Hanko van Giessen"}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Centreon", "modules": ["Poller reload setup in the configuration"], "product": "Infra Monitoring", "versions": [{"status": "affected", "version": "24.10.0", "lessThan": "24.10.13", "versionType": "custom"}, {"status": "affected", "version": "24.04.0", "lessThan": "24.04.18", "versionType": "custom"}, {"status": "affected", "version": "23.10.0", "lessThan": "23.10.28", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/centreon/centreon/releases", "tags": ["release-notes"]}, {"url": "https://thewatch.centreon.com/latest-security-bulletins-64/cve-2025-5946-centreon-web-all-versions-high-severity-5104", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Centreon Infra Monitoring (Poller reload setup in the configuration modules) allows OS Command Injection.\nOn the poller parameters page, a user with high privilege is able to concatenate custom instructions into the poller reload command.\n\nThis issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from 24.04.0 before 24.04.18, from 23.10.0 before 23.10.28.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Centreon </span><span style=\"background-color: rgb(255, 255, 255);\">Infra Monitoring </span><span style=\"background-color: rgb(255, 255, 255);\">(Poller reload setup in the configuration modules) allows OS Command Injection.</span><br><span style=\"background-color: rgb(255, 255, 255);\">On the poller parameters page, a user with high privilege is able to concatenate custom instructions into the poller reload command.</span>\n\n<p>This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from 24.04.0 before 24.04.18, from 23.10.0 before 23.10.28.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7", "shortName": "Centreon", "dateUpdated": "2025-10-14T14:29:00.514Z"}}}, "cveMetadata": {"cveId": "CVE-2025-5946", "state": "PUBLISHED", "dateUpdated": "2025-10-14T16:03:12.207Z", "dateReserved": "2025-06-09T17:09:29.545Z", "assignerOrgId": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7", "datePublished": "2025-10-14T14:29:00.514Z", "assignerShortName": "Centreon"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Centreon Infra Monitoring (Poller reload setup in the configuration modules) allows OS Command Injection.\nOn the poller parameters page, a user with high privilege is able to concatenate custom instructions into the poller reload command.\n\nThis issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from 24.04.0 before 24.04.18, from 23.10.0 before 23.10.28."}], "id": "CVE-2025-5946", "lastModified": "2025-10-14T19:36:29.240", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7", "type": "Secondary"}]}, "published": "2025-10-14T15:16:11.967", "references": [{"source": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7", "url": "https://github.com/centreon/centreon/releases"}, {"source": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7", "url": "https://thewatch.centreon.com/latest-security-bulletins-64/cve-2025-5946-centreon-web-all-versions-high-severity-5104"}], "sourceIdentifier": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7", "type": "Secondary"}]}

{}

{}