Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-48085
Nagios XI before version 5.11.3 exists to contain a remote code execution (RCE) vulnerability via the component command_test.php.
Nagios Nagios Xi
7.2
CVSSv3
CVE-2021-3277
Nagios XI 5.7.5 and previous versions allows authenticated admins to upload arbitrary files due to improper validation of the rename functionality in custom-includes component, which leads to remote code execution by uploading php files.
Nagios Nagios Xi
6.1
CVSSv3
CVE-2021-33179
The general user interface in Nagios XI versions before 5.8.4 is vulnerable to authenticated reflected cross-site scripting. An authenticated victim, who accesses a specially crafted malicious URL, would unknowingly execute the attached payload.
Nagios Nagios Xi
9.8
CVSSv3
CVE-2021-36363
Nagios XI prior to 5.8.5 has Incorrect Permission Assignment for migrate.php.
Nagios Nagios Xi
8.8
CVSSv3
CVE-2021-25296
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which c...
Nagios Nagios Xi 5.7.5
1 Metasploit module
1 Github repository
8.8
CVSSv3
CVE-2021-25297
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead ...
Nagios Nagios Xi 5.7.5
1 Metasploit module
1 Github repository
8.8
CVSSv3
CVE-2021-25298
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can l...
Nagios Nagios Xi 5.7.5
1 Metasploit module
1 Github repository
6.1
CVSSv3
CVE-2021-25299
Nagios XI version xi-5.7.5 is affected by cross-site scripting (XSS). The vulnerability exists in the file /usr/local/nagiosxi/html/admin/sshterm.php due to improper sanitization of user-controlled input. A maliciously crafted URL, when clicked by an admin user, can be used to st...
Nagios Nagios Xi 5.7.5
1 Github repository
4.8
CVSSv3
CVE-2022-38247
Nagios XI v5.8.6 exists to contain a cross-site scripting (XSS) vulnerability via the System Settings page under the Admin panel.
Nagios Nagios Xi 5.8.6
6.1
CVSSv3
CVE-2022-38249
Nagios XI v5.8.6 exists to contain a cross-site scripting (XSS) vulnerability via the MTR component in version 1.0.4.
Nagios Nagios Xi 5.8.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5274
CVE-2024-35388
CVE-2024-35396
elevation of privilege
CVE-2021-47544
file upload
CVE-2021-47545
memory leak
CVE-2024-4956
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »