Remote Code Execution in Checkmk NagVis via Authenticated Administrative File Upload
A remote code execution vulnerability exists in the NagVis component of Checkmk. An attacker who has administrative access can upload a malicious PHP file and modify specific settings to execute the harmful file's contents through PHP. This vulnerability allows an authenticated user with high-level privileges to potentially run unauthorized code within the system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
checkmk nagvis |