Security Advisory

CVE-2019-20224

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-01-09 15:37:58

Last updated 2024-08-05 02:39:09

Assigner mitre

State PUBLISHED

Description

netflow_get_stats in functions_netflow.php in Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ip_src parameter in an index.php?operation/netflow/nf_live_view request. This issue has been fixed in Pandora FMS 7.0 NG 742.

← Browse all CVEs View on cve.org ↗