OS Command Injection Vulnerability Affects Pandora FMS
CVE-2024-35306

Currently unrated

Key Information:

Vendor: Pandora Fms
Status: Pandora Fms
Vendor: CVE Published:; 10 June 2024

🔔 Create Pandora Fms Vulnerability Alert

What is CVE-2024-35306?

OS Command injection in Ajax PHP files via HTTP Request, allows to execute system commands by exploiting variables. This issue affects Pandora FMS: from 700 through <777.

Affected Version(s)

Pandora FMS all 700 < 777

References

https://pandorafms.com/en/security/common-vulnerabilities...

vendor-advisory

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 10, 2024
Vulnerability Reserved
May 16, 2024

Credit

Aleksey Solovev (Positive Technologies)