CVE-2026-30810
Pandora FMS · Pandora FMS
A Server-Side Request Forgery (SSRF) vulnerability in the Pandora FMS API Checker extension allows an authenticated user to perform privilege escalation.
Executive summary
An authenticated privilege escalation vulnerability in Pandora FMS via the API Checker extension poses a significant risk to internal system integrity.
Vulnerability
This vulnerability is a Server-Side Request Forgery (SSRF) flaw located within the API Checker extension. The issue requires the attacker to hold low-level privileges (PR:L) to successfully execute the attack, which subsequently leads to unauthorized privilege escalation.
Business impact
Successful exploitation allows an attacker to manipulate server-side requests, potentially accessing internal resources or escalating their current privilege level. With a CVSS score of 8.8, this flaw represents a high-severity risk that could lead to unauthorized system control and the compromise of sensitive monitoring data.
Remediation
Immediate Action: Update Pandora FMS to version 802 or 800.2 immediately to resolve the SSRF flaw.
Proactive Monitoring: Monitor system logs for unusual outbound requests originating from the API Checker extension or unexpected changes in user privilege assignments.
Compensating Controls: Implement strict network egress filtering to prevent the server from reaching unauthorized internal or external endpoints until the patch is applied.
Exploitation status
Public Exploit Available: Unknown.
Analyst recommendation
Given the potential for privilege escalation, organizations using Pandora FMS should prioritize patching to the latest versions (v802 or v800.2). Failure to address this vulnerability increases the risk of an internal attacker or compromised user account gaining elevated control over the monitoring infrastructure.