CVE-2018-15708

Published: 14/11/2018 Updated: 03/10/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 840
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated malicious users to execute arbitrary commands via a crafted HTTP request.

Vulnerable Product

nagios nagios xi 5.5.6

Exploits

# Exploit Title: Nagios XI 5.5.6 Remote Code Execution and Privilege Escalation
# Date: 2019-01-22
# Exploit Author: Chris Lyne (@lynerc)
# Vendor Homepage: www.nagios.com/
# Product: Nagios XI
# Software Link: assets.nagios.com/downloads/nagiosxi/5/xi-5.5.6.tar.gz
# Version: From 2012r1.0 to 5.5.6
# Tested on:
# - CentOS Linux 7.5 ...

##
# This module requires Metasploit: metasploit.com/download
# Current source: github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
  Rank = ExcellentRanking
  include Msf::Exploit::EXE
  include Msf::Exploit::FileDropper
  include Msf::Exploit::Remote::HttpClient
  include Msf::Exploit::Rem ...

This Metasploit module exploits two vulnerabilities in Nagios XI 5.5.6. One allows for unauthenticated remote code execution and another allows for local privilege escalation. When combined, these two vulnerabilities give us a root reverse shell ...

Nagios XI version 5.5.6 suffers from remote code execution and privilege escalation vulnerabilities ...

This module exploits two vulnerabilities in Nagios XI <= 5.5.6: CVE-2018-15708 which allows for unauthenticated remote code execution and CVE-2018-15710 which allows for local privilege escalation. When combined, these two vulnerabilities allow execution of arbitrary commands as root ...

Metasploit Modules

Nagios XI Magpie_debug.php Root Remote Code Execution

This module exploits two vulnerabilities in Nagios XI <= 5.5.6: CVE-2018-15708 which allows for unauthenticated remote code execution and CVE-2018-15710 which allows for local privilege escalation. When combined, these two vulnerabilities allow execution of arbitrary commands as root.

msf > use exploit/linux/http/nagios_xi_magpie_debug
msf exploit(nagios_xi_magpie_debug) > show targets
    ...targets...
msf exploit(nagios_xi_magpie_debug) > set TARGET <target-id>
msf exploit(nagios_xi_magpie_debug) > show options
    ...show and set options...
msf exploit(nagios_xi_magpie_debug) > exploit

Github Repositories