Infra monitoring
This hub aggregates every CVE we track for Infra monitoring, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
20
CVEs tracked
2
Critical
4
High
0
In CISA KEV
Severity distribution
MEDIUM14HIGH4CRITICAL2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
11
0
2
7
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Infra monitoring.
- CVE-2025-15029An unauthenticated user is able to introduce SQL Injection using the Awie export module9.8
- CVE-2025-15026Unauthenticated configuration import allows administrative account creation using AWIE component9.8
- CVE-2025-12511A user with elevated privileges can inject XSS in the DSM Administration’s Extensions configuration page6.8
- CVE-2025-12513A user with elevated privileges can inject XSS in the Hosts configuration parameters page6.8
- CVE-2025-12519Information disclosure on Administration parameters API endpoint5.3
- CVE-2025-13056A user with elevated privileges can inject XSS in the Administration ACL Menus configuration page6.8
- CVE-2025-5965RCE via the backup feature available only to user with high privilege7.2
- CVE-2025-54890A user with elevated privileges can inject XSS in the Hostgroups configuration page6.8
- CVE-2025-8460A user with elevated privileges can inject XSS in the Notification rules configuration page6.8
- CVE-2025-10023A user with elevated privileges can inject XSS in the Services Meta-services configuration page6.2
- CVE-2025-8432CentreonBI user account on the MBI server can execute commands as root by modifying script runned by the CRON8.4
- CVE-2025-8459A user with low privileges can inject XSS in the Monitoring Recurrent downtimes page7.7
- CVE-2025-8430A user with elevated privileges can inject XSS in the Commands Connectors configuration configuration page6.8
- CVE-2025-8429A user with elevated privileges can inject XSS in the ACL Action access configuration page6.8
- CVE-2025-54893A user with elevated privileges can inject XSS in the Hosts templates configuration page6.8
Product normalization is registry-driven with AI assist and human review. How it works