EUVD-2025-37214

Nagios XI versions prior to 2024R1.4.2 revealed API keys to users who were not authorized for API access when using Neptune themes. An authenticated user without API privileges could view another user's or their own API key value...

EUVD-2025-37212

Nagios XI versions prior to 2024R1.4.2 configure some systemd unit files with permission sets that were too permissive. In particular, the nagios.service unit had executable permissions that were not required. Overly permissive permissions on service unit files can broaden local attack surface by...

CVE-2025-34283

Nagios XI versions prior to 2024R1.4.2 revealed API keys to users who were not authorized for API access when using Neptune themes. An authenticated user without API privileges could view another user's or their own API key value...

CVE-2025-34134

Nagios XI versions prior to 2024R1.4.2 contain a remote code execution vulnerability in the Business Process Intelligence BPI component. Insufficient validation and sanitization of administrator-controlled BPI configuration parameters notably bpilogfile and bpiconfigfile allow an authenticated...

CVE-2025-34134 Nagios XI < 2024R1.4.2 RCE via Business Process Intelligence (BPI)

Nagios XI versions prior to 2024R1.4.2 contain a remote code execution vulnerability in the Business Process Intelligence BPI component. Insufficient validation and sanitization of administrator-controlled BPI configuration parameters notably bpilogfile and bpiconfigfile allow an authenticated...

CVE-2025-34135 Nagios XI < 2024R1.4.2 Overly Permissive Permissions on Systemd Unit Files

Nagios XI versions prior to 2024R1.4.2 configure some systemd unit files with permission sets that were too permissive. In particular, the nagios.service unit had executable permissions that were not required. Overly permissive permissions on service unit files can broaden local attack surface by...

PT-2025-44511

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2024R1.4.2 Description Nagios XI versions prior to 2024R1.4.2 configure certain systemd unit files with overly permissive permissions. Specifically, the nagios.service unit possesses unnecessary executable...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1.4.2 that stems from insufficient...

PT-2025-44521

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2024R1.4.2 Description Nagios XI versions prior to 2024R1.4.2 had a flaw where API keys were exposed to users lacking the necessary API access permissions when utilizing Neptune themes. An authenticated user, even...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1.4.2, which stems from an unauthorize...

PT-2025-44510

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2024R1.4.2 Description Nagios XI versions prior to 2024R1.4.2 have a remote code execution issue in the Business Process Intelligence BPI component. The issue is due to inadequate validation and sanitization of...