Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios nagios vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-28909
Incorrect File Permissions in Nagios Fusion 4.1.8 and previous versions allows for Privilege Escalation to root via modification of scripts. Low-privileges users are able to modify files that can be executed by sudo.
Nagios Fusion
9.8
CVSSv3
CVE-2020-28910
Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and previous versions allows for Privilege Escalation via creation of symlinks, which are mishandled in getprofile.sh.
Nagios Nagios Xi
9.8
CVSSv3
CVE-2020-28904
Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and previous versions allows for Privilege Escalation as nagios via installation of a malicious component containing PHP code.
Nagios Fusion
8.8
CVSSv3
CVE-2020-28905
Improper Input Validation in Nagios Fusion 4.1.8 and previous versions allows an authenticated malicious user to execute remote code via table pagination.
Nagios Fusion
8.8
CVSSv3
CVE-2020-28906
Incorrect File Permissions in Nagios XI 5.7.5 and previous versions and Nagios Fusion 4.1.8 and previous versions allows for Privilege Escalation to root. Low-privileged users are able to modify files that are included (aka sourced) by scripts executed by root.
Nagios Fusion
Nagios Nagios Xi
9.8
CVSSv3
CVE-2020-28907
Incorrect SSL certificate validation in Nagios Fusion 4.1.8 and previous versions allows for Escalation of Privileges or Code Execution as root via vectors related to download of an untrusted update package in upgrade_to_latest.sh.
Nagios Fusion
6.1
CVSSv3
CVE-2020-28903
Improper input validation in Nagios Fusion 4.1.8 and previous versions allows a remote attacker with control over a fused server to inject arbitrary HTML, aka XSS.
Nagios Fusion
9.8
CVSSv3
CVE-2020-28900
Insufficient Verification of Data Authenticity in Nagios Fusion 4.1.8 and previous versions and Nagios XI 5.7.5 and previous versions allows for Escalation of Privileges or Code Execution as root via vectors related to an untrusted update package to upgrade_to_latest.sh.
Nagios Fusion
Nagios Nagios Xi
9.8
CVSSv3
CVE-2020-28908
Command Injection in Nagios Fusion 4.1.8 and previous versions allows for Privilege Escalation to nagios.
Nagios Fusion
9.8
CVSSv3
CVE-2020-28902
Command Injection in Nagios Fusion 4.1.8 and previous versions allows Privilege Escalation from apache to root in cmd_subsys.php.
Nagios Fusion
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »