Vulnerability Details CVE-2024-35306
OS Command injection in Ajax PHP files via HTTP Request, allows to execute system commands by exploiting variables. This issue affects Pandora FMS: from 700 through <777.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.0%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2024-35306
-
cpe:2.3:a:artica:pandora_fms:700
-
cpe:2.3:a:artica:pandora_fms:740
-
cpe:2.3:a:artica:pandora_fms:741
-
cpe:2.3:a:artica:pandora_fms:742
-
cpe:2.3:a:artica:pandora_fms:743
-
cpe:2.3:a:artica:pandora_fms:744
-
cpe:2.3:a:artica:pandora_fms:745
-
cpe:2.3:a:artica:pandora_fms:746
-
cpe:2.3:a:artica:pandora_fms:747
-
cpe:2.3:a:artica:pandora_fms:748
-
cpe:2.3:a:artica:pandora_fms:749
-
cpe:2.3:a:artica:pandora_fms:750
-
cpe:2.3:a:artica:pandora_fms:751
-
cpe:2.3:a:artica:pandora_fms:752
-
cpe:2.3:a:artica:pandora_fms:753
-
cpe:2.3:a:artica:pandora_fms:754
-
cpe:2.3:a:artica:pandora_fms:755
-
cpe:2.3:a:artica:pandora_fms:773
-
cpe:2.3:a:artica:pandora_fms:774
-
cpe:2.3:a:artica:pandora_fms:775
-
cpe:2.3:a:artica:pandora_fms:776