CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2019-20050
https://notcve.org/view.php?id=CVE-2019-20050
Pandora FMS ≤ 7.42 suffers from a remote code execution vulnerability. To exploit the vulnerability, an authenticated user should create a new folder with a "tricky" name in the filemanager. The exploit works when the php-fileinfo extension is disabled on the host system. The attacker must include shell metacharacters in the content type. Pandora FMS anterior o igual a la versión 7.42, sufre de una vulnerabilidad de ejecución de código remota. • https://k4m1ll0.com/cve-2019-20050.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 14%CPEs: 1EXPL: 5CVE-2019-20224 – Pandora 7.0NG Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-20224
netflow_get_stats in functions_netflow.php in Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ip_src parameter in an index.php?operation/netflow/nf_live_view request. This issue has been fixed in Pandora FMS 7.0 NG 742. netflow_get_stats en functions_netflow.php en Pandora FMS 7.0NG permite a los usuarios identificados remotos ejecutar comandos arbitrarios del sistema operativo a través de metacaracteres de shell en el parámetro ip_src en una solicitud index.php operation / netflow / nf_live_view. Este problema se ha solucionado en Pandora FMS 7.0 NG 742. Pandora version 7.0NG suffers from a remote code execution vulnerability. • https://github.com/mhaskar/CVE-2019-20224 http://packetstormsecurity.com/files/155897/Pandora-7.0NG-Remote-Code-Execution.html https://drive.google.com/file/d/1DkWR5MylzeNr20jmHXTaAIJmf3YN-lnO/view?usp=sharing https://gist.github.com/mhaskar/2153d66a0928492d76b799ba13b9e3f9 https://pandorafms.com/downloads/solved-pandorafms-742.mp4 https://shells.systems/pandorafms-v7-0ng-authenticated-remote-code-execution-cve-2019-20224 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19681
https://notcve.org/view.php?id=CVE-2019-19681
Pandora FMS 7.x suffers from remote code execution vulnerability. With an authenticated user who can modify the alert system, it is possible to define and execute commands as root/Administrator. NOTE: The product vendor states that the vulnerability as it is described is not in fact an actual vulnerability. They state that to be able to create alert commands, you need to have admin rights. They also state that the extended ACL system can disable access to specific sections of the configuration, such as defining new alert commands ** EN DISPUTA ** Pandora FMS 7.x sufre de vulnerabilidad de ejecución remota de código. • https://k4m1ll0.com/cve-2019-19681.html https://medium.com/%40k4m1ll0/remote-code-execution-vulnerability-in-pandorafms-7-x-8ce55d4b1d5a https://pandorafms.com/blog/pandora-fms-vulnerability • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-13035
https://notcve.org/view.php?id=CVE-2019-13035
Artica Pandora FMS 7.0 NG before 735 suffers from local privilege escalation due to improper permissions on C:\PandoraFMS and its sub-folders, allowing standard users to create new files. Moreover, the Apache service httpd.exe will try to execute cmd.exe from C:\PandoraFMS (the current directory) as NT AUTHORITY\SYSTEM upon web requests to the portal. This will effectively allow non-privileged users to escalate privileges to NT AUTHORITY\SYSTEM. Artica Pandora FMS versión 7.0 NG anterior a 735, sufre de una escalada de privilegios local debido a permisos inapropiados en C:\PandoraFMS y sus subcarpetas, permitiendo a usuarios estándar crear nuevos archivos. Adicionalmente, el servicio de Apache httpd.exe intentará ejecutar cmd.exe desde C:\PandoraFMS (el directorio actual) como NT AUTHORITY\SYSTEM sobre las solicitudes web hacia el portal. • https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-008.md •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-11221
https://notcve.org/view.php?id=CVE-2018-11221
Unauthenticated untrusted file upload in Artica Pandora FMS through version 7.23 allows an attacker to upload an arbitrary plugin via include/ajax/update_manager.ajax in the update system. Subida de archivos no fiables sin autenticación en Artica Pandora FMS hasta la versión 7.23 permite que un atacante suba un plugin arbitrario mediante include/ajax/update_manager.ajax en el sistema de actualización. • https://blog.hackercat.ninja/post/pandoras_box https://pandorafms.com/wp-content/uploads/2018/06/whats-new-723-EN.pdf • CWE-434: Unrestricted Upload of File with Dangerous Type •