Lucene search
+L

CVE-2020-5791

🗓️ 20 Oct 2020 21:22:00Reported by tenableType 
cve
 cve
🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 166 Views🌐 WEB

Improper neutralization of special elements in Nagios XI 5.7.3 allows remote code execution

Related
Detection
Affected
Refs
Paths
Social
ReporterTitlePublishedViews
Family
zdt
Nagios XI 5.7.3 Remote Code Execution Exploit
19 Apr 202100:00
zdt
circl
CVE-2020-5791
26 Mar 202123:19
circl
cnvd
Nagios XI OS Command Injection Vulnerability (CNVD-2020-58765)
26 Oct 202000:00
cnvd
checkpoint_advisories
Nagios XI mibs.php Command Injection (CVE-2020-5791)
28 Nov 202000:00
checkpoint_advisories
checkpoint_advisories
Nagios XI Command Injection (CVE-2020-5791)
29 Nov 202000:00
checkpoint_advisories
cvelist
CVE-2020-5791
20 Oct 202021:22
cvelist
exploitdb
Nagios XI 5.7.3 - 'mibs.php' Remote Command Injection (Authenticated)
28 Oct 202000:00
exploitdb
metasploit
Nagios XI Scanner
27 Mar 202117:42
metasploit
metasploit
Nagios XI 5.6.0-5.7.3 - Mibs.php Authenticated Remote Code Exection
17 Apr 202117:41
metasploit
ncsc
Vulnerabilities fixed in Nagios XI
21 Oct 202000:00
ncsc
Rows per page
NVD
Node
nagiosnagios_xiRange5.6.05.7.3
[
  {
    "product": "Nagios XI",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "5.7.3"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
filequery paramadmin/mibs.phpOS command injection vulnerability in Nagios XI admin/mibs.php allowing authenticated admin to inject and execute OS commands via the file parameter.CWE-78
modequery paramadmin/mibs.phpOS command injection vulnerability in Nagios XI admin/mibs.php allowing authenticated admin to inject and execute OS commands via the file parameter.CWE-78
typequery paramadmin/mibs.phpOS command injection vulnerability in Nagios XI admin/mibs.php allowing authenticated admin to inject and execute OS commands via the file parameter.CWE-78

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 03:22Current
7High risk
Vulners AI Score7
CVSS 3.17.2
CVSS 29
EPSS0.78632
166