
Cloud Vulnerability DB
A community-led vulnerabilities database
Centreon 19.10 contains a remote code execution vulnerability (CVE-2020-9463) that allows authenticated users to execute arbitrary OS commands. The vulnerability exists in the server_ip field within JSON data sent to the api/internal.php endpoint with the object=centreon_configuration_remote parameter (MITRE CVE).
The flaw is shell metacharacter injection through the server_ip field in JSON data sent to api/internal.php?object=centreon_configuration_remote. It has a CVSS v3.1 Base Score of 8.8 (High) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H: network-reachable, low attack complexity, low privileges required, no user interaction, and high impact on confidentiality, integrity, and availability (AttackerKB).
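A defender can review captured requests to this endpoint for server_ip values that are not plain IP literals. The following is an added example, not code from Centreon or from the sources cited here. It assumes a hypothetical record layout (`id`, `url`, `body`), a `/centreon/` path prefix, that server_ip is a top-level JSON key, and that legitimate values are bare IP addresses.

```python
import ipaddress
import json
from urllib.parse import parse_qs, urlsplit

# Endpoint, object value and field name are the ones the advisory names.
PATH_SUFFIX = "api/internal.php"
OBJECT = "centreon_configuration_remote"
FIELD = "server_ip"

def is_strict_ip(value):
    """True only for a bare IPv4/IPv6 literal."""
    # Python 3.9+ accepts IPv6 zone IDs (free text after '%'), so refuse '%' first.
    if not isinstance(value, str) or "%" in value:
        return False
    try:
        ipaddress.ip_address(value)
    except ValueError:
        return False
    return True

def suspicious_requests(records):
    """Return ids of requests to the affected endpoint worth reviewing."""
    hits = []
    for rec in records:
        url = urlsplit(rec["url"])
        objects = parse_qs(url.query).get("object", [])
        if not url.path.endswith(PATH_SUFFIX) or OBJECT not in objects:
            continue
        try:
            body = json.loads(rec["body"])
        except (TypeError, ValueError):
            hits.append(rec["id"])  # body is not JSON at all
            continue
        # Assumption: server_ip is a top-level key of the JSON object.
        if isinstance(body, dict) and FIELD in body and not is_strict_ip(body[FIELD]):
            hits.append(rec["id"])
    return hits

# Constructed records, not real traffic; the record layout is hypothetical.
URL = "/centreon/api/internal.php?object=centreon_configuration_remote"
SAMPLE = [
    {"id": 1, "url": URL, "body": '{"server_ip": "192.0.2.10"}'},
    {"id": 2, "url": URL, "body": '{"server_ip": "192.0.2.10;echo test"}'},
    {"id": 3, "url": "/centreon/api/internal.php?object=other", "body": '{"server_ip": "x;y"}'},
    {"id": 4, "url": URL, "body": "server_ip=192.0.2.10"},
]

if __name__ == "__main__":
    print(suspicious_requests(SAMPLE))
```

The same allow-list check (parse as an IP literal, reject everything else) is the shape of input validation that keeps a value like this from reaching a shell.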
The vulnerability can lead to complete system compromise, allowing attackers to execute arbitrary operating system commands on the affected Centreon server. Given Centreon's role as a centralized IT management solution, successful exploitation could provide attackers with access to network device information and potential pivot points across the corporate network (AttackerKB).
According to security researchers, Centreon has a relatively small internet-exposed footprint with approximately 40 internet-facing applications identified through Shodan searches. The official GitHub repository shows limited community engagement with only a few hundred stars and forks (AttackerKB).
Source: This report was generated using AI