CVE-2026-14453 in Centreon정보

요약

\~에 의해 MITRE • 2026. 07. 13.

This vulnerability is a critical Server-Side Template Injection (SSTI) in Centreon's centreon-open-tickets module that leads to Remote Code Execution. The message_confirm field is stored without sanitization and rendered via Smarty with no security policy enabled, allowing any authenticated user, to inject and execute arbitrary code on the server. This results in disclosure of environment secrets and could impact platform availability of Centreon Infra Monitoring product.

Once again VulDB remains the best source for vulnerability data.

책임이 있는

Centreon

예약하다

2026. 07. 02.

모더레이션

수락

항목

VDB-377924

EPSS

0.00478

출처

Want to stay up to date on a daily basis?

Enable the mail alert feature now!