CVEs that I have discovered

Centreon:

Outsmarting the network monitor.

Centreon is an IT monitoring platform, trusted by Fortune 500 companies worldwide.
It is an industry reference offering enterprise solutions.
It counts over 200,000+ ITOM users worldwide.
It is used in diverse sectors:
- IT & Telecommunication
- Transportation
- Government
- Health care
- Retail
- Utilities
- Finance & Insurance
- Aerospace & Defense
- Manufacturing

Some of the organisations using Centreon monitoring software:
- French Department of Justice
- KLM Air France
- Total
- Redbull
- Airbus, Bolloré, Amundi, CGI, Lacoste, EDF, Canal+, Sephora...

CVE-2019-19699

Authenticated RCE in Centreon =< 19.10 via misconfigured poller which allows execution of Post-restart commands.

More details can be found at:
github.com/SpengeSec/CVE-2019-19699

CVE-2020-12636

More details upon disclosure.