Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios nagios vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-37346
Nagios XI WatchGuard Wizard before version 1.4.8 is vulnerable to remote code execution through Improper neutralisation of special elements used in an OS Command (OS Command injection).
Nagios Nagios Xi Watchguard Wizard
7.5
CVSSv2
CVE-2021-37350
Nagios XI before version 5.8.5 is vulnerable to SQL injection vulnerability in Bulk Modifications Tool due to improper input sanitisation.
Nagios Nagios Xi
7.5
CVSSv2
CVE-2020-28904
Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and previous versions allows for Privilege Escalation as nagios via installation of a malicious component containing PHP code.
Nagios Fusion
7.5
CVSSv2
CVE-2020-28908
Command Injection in Nagios Fusion 4.1.8 and previous versions allows for Privilege Escalation to nagios.
Nagios Fusion
7.5
CVSSv2
CVE-2021-28925
SQL injection vulnerability in Nagios Network Analyzer prior to 2.4.3 via the o[col] parameter to api/checks/read/.
7.5
CVSSv2
CVE-2021-3193
Improper access and command validation in the Nagios Docker Config Wizard prior to 1.1.2, as used in Nagios XI up to and including 5.7, allows an unauthenticated malicious user to execute remote code as the apache user.
Nagios Nagios Xi
7.5
CVSSv2
CVE-2020-15901
In Nagios XI prior to 5.7.3, ajaxhelper.php allows remote authenticated malicious users to execute arbitrary commands via cmdsubsys.
Nagios Nagios Xi
7.5
CVSSv2
CVE-2020-7206
HP nagios plugin for iLO (nagios-plugins-hpilo v1.50 and previous versions) has a php code injection vulnerability.
Hp Nagios-plugins-hpilo
7.5
CVSSv2
CVE-2019-12279
Nagios XI 5.6.1 allows SQL injection via the username parameter to login.php?forgotpass (aka the reset password form). NOTE: The vendor disputes this issues as not being a vulnerability because the issue does not seem to be a legitimate SQL Injection. The POC does not show any va...
Nagios Nagios Xi 5.6.1
1 EDB exploit
7.5
CVSSv2
CVE-2019-9203
Authorization bypass in Nagios IM (component of Nagios XI) prior to 2.2.7 allows closing incidents in IM via the API.
Nagios Incident Manager
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »