Command Injection Vulnerability in Pandora FMS by Pandora FMS
CVE-2024-12971

Currently unrated

Key Information:

Vendor: Pandora FMS
Status: Pandora FMS
Vendor: CVE Published:; 17 March 2025

🔔 Create Pandora FMS Vulnerability Alert

What is CVE-2024-12971?

A command injection vulnerability exists in Pandora FMS, which improperly neutralizes special elements used in commands. This flaw allows attackers to execute arbitrary commands on the host operating system. The vulnerability affects versions ranging from 700 to 777.6, posing a significant risk to systems running this software as it could lead to unauthorized access and potential system compromise.

References

https://pandorafms.com/en/security/common-vulnerabilities...

EPSS Score

79% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 17, 2025