CVE-2026-30807

Pandora FMS · Pandora FMS

A Cross-Site Request Forgery (CSRF) vulnerability in Pandora FMS allows an unauthenticated attacker to force users to perform unauthorized actions via a crafted web page.

Executive summary

A CSRF vulnerability in Pandora FMS allows remote attackers to perform unauthorized actions on behalf of authenticated users, risking system configuration integrity.

Vulnerability

This is a Cross-Site Request Forgery (CWE-352) vulnerability that allows an attacker to execute unauthorized commands or changes. The attack is unauthenticated but requires the victim to interact with a crafted malicious web page (UI:P).

Business impact

Exploitation allows attackers to perform actions with the privileges of the victim, which could lead to unauthorized configuration changes or administrative actions within the Pandora FMS environment. The CVSS score of 8.8 reflects the high potential for impact on system integrity and unauthorized state changes.

Remediation

Immediate Action: Update Pandora FMS to the patched versions v802 or v800.2 immediately.

Proactive Monitoring: Monitor application logs for unexpected administrative actions performed by users who did not initiate them.

Compensating Controls: Deploy a Web Application Firewall (WAF) with CSRF protection rules to inspect and block malicious requests that lack proper anti-forgery tokens.

Exploitation status

Public Exploit Available: Unknown.

Analyst recommendation

Organizations should prioritize the update to version 802 or 800.2 to neutralize this CSRF vector. Ensuring that administrative sessions are protected against unauthorized requests is critical for maintaining the security posture of the Pandora FMS deployment.