Open Tickets
CVE-2026-2749
CRITICAL
Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centroen Open Ticket modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10.3, 24.10.8, 24.04.7.
AnalysisAI
Path traversal in Centreon Open Tickets module allows authenticated attackers to read or write files outside intended directories. CVSS 9.9 with scope change indicates impact beyond the vulnerable component.
Technical ContextAI
CWE-22 in Centreon Open Tickets. Authenticated users can traverse the filesystem through the ticketing module, with scope change indicating potential impact on the underlying Centreon server.
RemediationAI
Update Centreon Open Tickets module. Review filesystem permissions for Centreon service account.
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today