An issue in Nagios XI 2024R1.01 allows a remote malicious user to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component.