Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:43 p.m.6 views

CVE-2020-5792

Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user...

7.2CVSS7.2AI score0.60966EPSS
Exploits4References1
Rapid7 Blog
Rapid7 Blog
added 2021/04/23 5:57 p.m.77 views

Metasploit Wrap-Up

Nagios modules Community member Erik Wynter has contributed two more Nagios XI modules this week, on top of the previous week’s contributions! If you’ve noticed Nagios XI 5.6.0 to 5.7.5 running within your target’s infrastructure during a pen test, be sure to check both these new modules out as...

9CVSS0.1AI score0.93201EPSS
Exploits20
Packet Storm
Packet Storm
added 2021/04/21 12:0 a.m.399 views

Nagios XI 5.7.3 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI 5.5.0-5.7.3 - Snmptrap Authenticated Remote Code Exection', 'Description' = %q This module exploits an OS command injection vulnerabili...

6.5CVSS0.60966EPSS
Exploits4
Circl
Circl
added 2021/03/26 11:19 p.m.12 views

CVE-2020-5792

creationtimestamp| type| source ---|---|--- 2021-03-26 23:19:21+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/nagiosxiscanner.rb 2021-04-20 19:39:18+00:00| seen|...

7.2CVSS6.7AI score0.60966EPSS
Exploits4References2
OSV
OSV
added 2020/10/20 10:15 p.m.5 views

CVE-2020-5792

Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user...

7.2CVSS7.3AI score0.60966EPSS
Exploits4References2
Cvelist
Cvelist
added 2020/10/20 9:18 p.m.28 views

CVE-2020-5792

Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user...

7.2AI score0.60966EPSS
Exploits4References2
CVE
CVE
added 2020/10/20 9:18 p.m.81 views

CVE-2020-5792

CVE-2020-5792 affects Nagios XI 5.7.3 (and components/nxti) where improper neutralization of argument delimiters in a command allows a remote, authenticated admin to write arbitrary files and ultimately execute code with the apache user. Root cause: command injection via includes/components/nxti/...

7.2CVSS7.2AI score0.60966EPSS
Exploits4References2Affected Software1
Rows per page
Query Builder