Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios nagios vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-35269
Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross-Site Request Forgery (CSRF) in many functions, like adding – deleting for hosts or servers.
Nagios Nagios Core 4.2.4
6.8
CVSSv2
CVE-2020-6585
Nagios Log Server 2.1.3 has CSRF.
Nagios Nagios 2.1.3
6.8
CVSSv2
CVE-2008-5028
Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) Nagios 3.0.5 and (2) op5 Monitor prior to 4.0.1 allows remote malicious users to send commands to the Nagios process, and trigger execution of arbitrary programs by this process, via unspecified HTTP requests.
Nagios Nagios 3.0
Nagios Nagios 2.0b5
Nagios Nagios 2.7
Nagios Nagios 2.4
Op5 Monitor
Nagios Nagios 2.0b6
Nagios Nagios 1.0b3
Nagios Nagios 1.1
Nagios Nagios 2.1
Op5 Monitor 3.3.1
Nagios Nagios 1.0b6
Nagios Nagios 3.0.1
Nagios Nagios 1.0
Nagios Nagios 2.3.1
Nagios Nagios 2.2
Op5 Monitor 3.2
Nagios Nagios 2.0b2
Op5 Monitor 2.8
Op5 Monitor 3.2.4
Nagios Nagios 1.0b4
Nagios Nagios 3.0.2
Nagios Nagios 2.5
6.8
CVSSv2
CVE-2007-5198
Buffer overflow in the redir function in check_http.c in Nagios Plugins prior to 1.4.10, when running with the -f (follow) option, allows remote web servers to execute arbitrary code via Location header responses (redirects) with a large number of leading "L" characters...
Nagios Plugins
1 EDB exploit
6.5
CVSSv2
CVE-2021-40344
An issue exists in Nagios XI 5.8.5. In the Custom Includes section of the Admin panel, an administrator can upload files with arbitrary extensions as long as the MIME type corresponds to an image. Therefore it is possible to upload a crafted PHP script to achieve remote command e...
Nagios Nagios Xi 5.8.5
6.5
CVSSv2
CVE-2021-33177
The Bulk Modifications functionality in Nagios XI versions before 5.8.5 is vulnerable to SQL injection. Exploitation requires the malicious actor to be authenticated to the vulnerable system, but once authenticated they would be able to execute arbitrary sql queries.
Nagios Nagios Xi
6.5
CVSSv2
CVE-2021-37343
A path traversal vulnerability exists in Nagios XI below version 5.8.5 AutoDiscovery component and could lead to post authenticated RCE under security context of the user running Nagios.
Nagios Nagios Xi
1 Metasploit module
6.5
CVSSv2
CVE-2021-3277
Nagios XI 5.7.5 and previous versions allows authenticated admins to upload arbitrary files due to improper validation of the rename functionality in custom-includes component, which leads to remote code execution by uploading php files.
Nagios Nagios Xi
6.5
CVSSv2
CVE-2020-28905
Improper Input Validation in Nagios Fusion 4.1.8 and previous versions allows an authenticated malicious user to execute remote code via table pagination.
Nagios Fusion
6.5
CVSSv2
CVE-2020-24899
Nagios XI 5.7.2 is affected by a remote code execution (RCE) vulnerability. An authenticated user can inject additional commands into normal webapp query.
Nagios Nagios Xi 5.7.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »