Primary

Context

Pandora FMS API Checker Extension Privilege Escalation Vulnerability via Server-Side Request Forgery

Vulnerability

Patched

A Server-Side Request Forgery (SSRF) vulnerability has been identified in the API Checker extension of Pandora FMS. This vulnerability allows for privilege escalation and affects versions 777 through 800 of Pandora FMS.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation within the application.

Remediation

Users can upgrade to Pandora FMS version 800.1 or 801 to address this vulnerability.

Added: May 12, 2026, 4:32 PM

Updated: May 12, 2026, 4:32 PM

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

1.7

exploitability

4.7

remediation

7.7

relevance

8.1

threat

0.0

urgency

5.7

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

1.7

exploitability

4.7

remediation

7.7

relevance

8.1

threat

0.0

urgency

5.7

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Pandora FMS API Checker Extension Privilege Escalation Vulnerability via Server-Side Request Forgery

Vulnerability

Impact

Remediation

Affected Products

Pandora FMS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating