The Centreon supervision and monitoring tool provided by Merethis permits remote code execution from the command help web page allowing an attacker to execute arbitrary commands in the context of the webserver hosting the application. The system also uses a one-way hash without a salt. Versions 2.3.1 and below are affected.
8baa1a03e20514db0ebdff56296a1f3d2b0ea0473b7d740b7747c685e31fb6df