CVE-2021-34074
https://notcve.org/view.php?id=CVE-2021-34074
PandoraFMS <=7.54 allows arbitrary file upload, it leading to remote command execution via the File Manager. To bypass the built-in protection, a relative path is used in the requests. PandoraFMS versiones anteriores a 7.54 incluyéndola, permite una carga arbitraria de ficheros, conllevando a una ejecución de comandos remota por medio del Administrador de Archivos. Para omitir la protección incorporada, es usada una ruta relativa en las peticiones • https://k4m1ll0.com/cve-pandorafms754-chained-xss-rce.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2021-32098
https://notcve.org/view.php?id=CVE-2021-32098
Artica Pandora FMS 742 allows unauthenticated attackers to perform Phar deserialization. Artica Pandora FMS 742, permite a atacantes no autenticados llevar a cabo una deserialización Phar • https://blog.sonarsource.com/pandora-fms-742-critical-code-vulnerabilities-explained https://pandorafms.com/blog/whats-new-in-pandora-fms-743 https://portswigger.net/daily-swig/multiple-vulnerabilities-in-pandora-fms-could-trigger-remote-execution-attack • CWE-502: Deserialization of Untrusted Data •
CVE-2021-32099
https://notcve.org/view.php?id=CVE-2021-32099
A SQL injection vulnerability in the pandora_console component of Artica Pandora FMS 742 allows an unauthenticated attacker to upgrade his unprivileged session via the /include/chart_generator.php session_id parameter, leading to a login bypass. Una vulnerabilidad de inyección SQL en el componente pandora_console de Artica Pandora FMS, permite a un atacante no autenticado actualizar su sesión sin privilegios por medio del parámetro session_id en el archivo /include/chart_generator.php, conllevando a un desvío de inicio de sesión • https://github.com/ibnuuby/CVE-2021-32099 https://github.com/zjicmDarkWing/CVE-2021-32099 https://github.com/akr3ch/CVE-2021-32099 https://blog.sonarsource.com/pandora-fms-742-critical-code-vulnerabilities-explained https://pandorafms.com/blog/whats-new-in-pandora-fms-743 https://portswigger.net/daily-swig/multiple-vulnerabilities-in-pandora-fms-could-trigger-remote-execution-attack • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2021-32100
https://notcve.org/view.php?id=CVE-2021-32100
A remote file inclusion vulnerability exists in Artica Pandora FMS 742, exploitable by the lowest privileged user. Se presenta vulnerabilidad de inclusión remota de archivos en Artica Pandora FMS 742, explotable por el usuario menos privilegiado • https://blog.sonarsource.com/pandora-fms-742-critical-code-vulnerabilities-explained https://pandorafms.com/blog/whats-new-in-pandora-fms-743 https://portswigger.net/daily-swig/multiple-vulnerabilities-in-pandora-fms-could-trigger-remote-execution-attack •
CVE-2020-26518
https://notcve.org/view.php?id=CVE-2020-26518
Artica Pandora FMS before 743 allows unauthenticated attackers to conduct SQL injection attacks via the pandora_console/include/chart_generator.php session_id parameter. Artica Pandora FMS versiones anteriores a 743, permite a atacantes no autenticados conducir ataques de inyección SQL por medio del parámetro session_id del archivo pandora_console/include/chart_generator.php • https://blog.sonarsource.com/pandora-fms-742-critical-code-vulnerabilities-explained • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •