Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios xi vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-48085
Nagios XI before version 5.11.3 exists to contain a remote code execution (RCE) vulnerability via the component command_test.php.
Nagios Nagios Xi
9.8
CVSSv3
CVE-2021-36363
Nagios XI prior to 5.8.5 has Incorrect Permission Assignment for migrate.php.
Nagios Nagios Xi
7.2
CVSSv3
CVE-2020-5791
Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a remote, authenticated admin user to execute operating system commands with the privileges of the apache user.
Nagios Nagios Xi
1 Metasploit module
5.4
CVSSv3
CVE-2021-38156
In Nagios XI prior to 5.8.6, XSS exists in the dashboard page (/dashboards/#) when administrative users attempt to edit a dashboard.
Nagios Nagios Xi
9.8
CVSSv3
CVE-2021-36364
Nagios XI prior to 5.8.5 incorrectly allows backup_xi.sh wildcards.
Nagios Nagios Xi
9.8
CVSSv3
CVE-2021-36365
Nagios XI prior to 5.8.5 has Incorrect Permission Assignment for repairmysql.sh.
Nagios Nagios Xi
9.8
CVSSv3
CVE-2021-36366
Nagios XI prior to 5.8.5 incorrectly allows manage_services.sh wildcards.
Nagios Nagios Xi
8.8
CVSSv3
CVE-2021-37343
A path traversal vulnerability exists in Nagios XI below version 5.8.5 AutoDiscovery component and could lead to post authenticated RCE under security context of the user running Nagios.
Nagios Nagios Xi
1 Metasploit module
9.8
CVSSv3
CVE-2018-8733
Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x up to and including 5.4.x prior to 5.4.13 allows an unauthenticated malicious user to make configuration changes and leverage an authenticated SQL injection vulnerability.
Nagios Nagios Xi
2 EDB exploits
1 Github repository
9.8
CVSSv3
CVE-2018-8734
SQL injection vulnerability in the core config manager in Nagios XI 5.2.x up to and including 5.4.x prior to 5.4.13 allows an malicious user to execute arbitrary SQL commands via the selInfoKey1 parameter.
Nagios Nagios Xi
2 EDB exploits
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »