Search criteria

2 vulnerabilities found for Centreon Open Tickets on Central Server by Centreon

CVE-2026-2750 (GCVE-0-2026-2750)

Vulnerability from nvd – Published: 2026-02-27 14:58 – Updated: 2026-02-27 14:58
VLAI?
Title
Command Injection via CLAPI generatetraps
Summary
Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10;24.04.
Severity ?
9.1 (Critical)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CWE
  • CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Vendor Product Version
Centreon Centreon Open Tickets on Central Server Affected: all , < 25.10; 24.10;24.04 (custom)
Create a notification for this product.
Credits
Texugo from Hakaï Security
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "collectionURL": "https://downlad.centreon.com",
          "defaultStatus": "unaffected",
          "modules": [
            "Centreon Open Tickets"
          ],
          "platforms": [
            "Linux"
          ],
          "product": "Centreon Open Tickets on Central Server",
          "vendor": "Centreon",
          "versions": [
            {
              "lessThan": "25.10; 24.10;24.04",
              "status": "affected",
              "version": "all",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Texugo from Haka\u00ef Security"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).\u003cp\u003eThis issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10;24.04.\u003c/p\u003e"
            }
          ],
          "value": "Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10;24.04."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-27T14:58:29.021Z",
        "orgId": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7",
        "shortName": "Centreon"
      },
      "references": [
        {
          "url": "https://thewatch.centreon.com/latest-security-bulletins-64/cve-2026-2750-centreon-web-critical-severity-5503"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Command Injection via CLAPI generatetraps",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7",
    "assignerShortName": "Centreon",
    "cveId": "CVE-2026-2750",
    "datePublished": "2026-02-27T14:58:29.021Z",
    "dateReserved": "2026-02-19T14:25:18.453Z",
    "dateUpdated": "2026-02-27T14:58:29.021Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-2750 (GCVE-0-2026-2750)

Vulnerability from cvelistv5 – Published: 2026-02-27 14:58 – Updated: 2026-02-27 14:58
VLAI?
Title
Command Injection via CLAPI generatetraps
Summary
Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10;24.04.
Severity ?
9.1 (Critical)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CWE
  • CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Vendor Product Version
Centreon Centreon Open Tickets on Central Server Affected: all , < 25.10; 24.10;24.04 (custom)
Create a notification for this product.
Credits
Texugo from Hakaï Security
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "collectionURL": "https://downlad.centreon.com",
          "defaultStatus": "unaffected",
          "modules": [
            "Centreon Open Tickets"
          ],
          "platforms": [
            "Linux"
          ],
          "product": "Centreon Open Tickets on Central Server",
          "vendor": "Centreon",
          "versions": [
            {
              "lessThan": "25.10; 24.10;24.04",
              "status": "affected",
              "version": "all",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Texugo from Haka\u00ef Security"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).\u003cp\u003eThis issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10;24.04.\u003c/p\u003e"
            }
          ],
          "value": "Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10;24.04."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-27T14:58:29.021Z",
        "orgId": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7",
        "shortName": "Centreon"
      },
      "references": [
        {
          "url": "https://thewatch.centreon.com/latest-security-bulletins-64/cve-2026-2750-centreon-web-critical-severity-5503"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Command Injection via CLAPI generatetraps",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7",
    "assignerShortName": "Centreon",
    "cveId": "CVE-2026-2750",
    "datePublished": "2026-02-27T14:58:29.021Z",
    "dateReserved": "2026-02-19T14:25:18.453Z",
    "dateUpdated": "2026-02-27T14:58:29.021Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}