CVE-2024-12992
Published: 17 March 2025
Description
Adversaries may abuse Unix shell commands and scripts for execution.
Security Summary
CVE-2024-12992 is an Improper Neutralization of Special Elements used in a Command vulnerability (CWE-77) in Pandora FMS, affecting versions from 700 to 777.6. This flaw enables OS Command Injection, leading to remote code execution (RCE). The vulnerability received a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its high impact across confidentiality, integrity, and availability.
An unauthenticated attacker with network access can exploit this vulnerability with low attack complexity and no user interaction required. Successful exploitation allows the attacker to execute arbitrary operating system commands on the affected Pandora FMS server, potentially achieving full remote control over the system.
Mitigation details and additional information are available in the Pandora FMS security advisory at https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes unauthenticated remote OS command injection leading to RCE on a public-facing Pandora FMS server, directly enabling T1190 (Exploit Public-Facing Application) for initial access and T1059.004 (Unix Shell) for arbitrary command execution.