Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios nagios vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-28648
Improper input validation in the Auto-Discovery component of Nagios XI prior to 5.7.5 allows an authenticated malicious user to execute remote code.
Nagios Nagios Xi
7.8
CVSSv3
CVE-2020-5796
Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticated user to weaken the permissions of files, resulting in low-privileged users being able to write to and execute arbitrary PHP code with root privileges.
Nagios Nagios Xi 5.7.4
7.2
CVSSv3
CVE-2020-5792
Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user.
Nagios Nagios Xi 5.7.3
6.5
CVSSv3
CVE-2020-5790
Cross-site request forgery in Nagios XI 5.7.3 allows a remote malicious user to perform sensitive application actions by tricking legitimate users into clicking a crafted link.
Nagios Nagios Xi 5.7.3
7.2
CVSSv3
CVE-2020-5791
Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a remote, authenticated admin user to execute operating system commands with the privileges of the apache user.
Nagios Nagios Xi
1 Metasploit module
9.8
CVSSv3
CVE-2020-15903
An issue was found in Nagios XI prior to 5.7.3. There is a privilege escalation vulnerability in backend scripts that ran as root where some included files were editable by nagios user. This issue was fixed in version 5.7.3.
Nagios Nagios Xi
NA
CVE-2020-161571
Nagios Log Server version 2.1.6 suffers from a persistent cross site scripting vulnerability.
5.4
CVSSv3
CVE-2020-16157
A Stored XSS vulnerability exists in Nagios Log Server prior to 2.1.7 via the Notification Methods -> Email Users menu.
Nagios Log Server
8.8
CVSSv3
CVE-2020-15901
In Nagios XI prior to 5.7.3, ajaxhelper.php allows remote authenticated malicious users to execute arbitrary commands via cmdsubsys.
Nagios Nagios Xi
6.1
CVSSv3
CVE-2020-15902
Graph Explorer in Nagios XI prior to 5.7.2 allows XSS via the link url option.
Nagios Nagios Xi
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »