Arbitrary System Command Injection Vulnerability Affects Pandora FMS Netflow Function
CVE-2024-35304

Currently unrated

Key Information:

Vendor: Pandora Fms
Status: Pandora Fms
Vendor: CVE Published:; 10 June 2024

🔔 Create Pandora Fms Vulnerability Alert

What is CVE-2024-35304?

System command injection through Netflow function due to improper input validation, allowing attackers to execute arbitrary system commands. This issue affects Pandora FMS: from 700 through <777.

Affected Version(s)

Pandora FMS all 700 < 777

References

https://pandorafms.com/en/security/common-vulnerabilities...

vendor-advisory

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 10, 2024
Vulnerability Reserved
May 16, 2024

Credit

[email protected]