CNNVD-202507-318 Information
CNNVD ID
CNNVD-202507-318
Related CVE
- CNNVD Published: 2025-07-03
Description (Chinese)
Pandora FMS是美国Pandora FMS公司的一套监控系统。该系统通过可视化的方式监控网络、服务器、虚拟基础架构和应用程序等。 Pandora FMS 7.0NG及之前版本存在安全漏洞,该漏洞源于net_tools.php功能允许认证用户执行任意OS命令,可能导致命令注入。
Description (English)
Pandora FMS is a surveillance system for Pandora FMS in the United States. The system monitors networks, servers, virtual infrastructure and applications in a visual way. The security loophole in Pandora FMS 7.0NG and earlier versions stems from the fact that the net tools.php function allows the authentication user to execute an arbitrary OS order, which may result in an injection.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Pango
Published
2025-07-03
Last Modified
2026-02-24
References
https://github.com/pandorafms/pandorafms https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/ https://vulncheck.com/advisories/pandora-fms-rce-via-ping https://www.exploit-db.com/exploits/48334 https://www.rapid7.com/db/modules/exploit/linux/
Share on: