7 matches found
CVE-2020-5792
Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user...
Metasploit Wrap-Up
Nagios modules Community member Erik Wynter has contributed two more Nagios XI modules this week, on top of the previous week’s contributions! If you’ve noticed Nagios XI 5.6.0 to 5.7.5 running within your target’s infrastructure during a pen test, be sure to check both these new modules out as...
Nagios XI 5.7.3 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI 5.5.0-5.7.3 - Snmptrap Authenticated Remote Code Exection', 'Description' = %q This module exploits an OS command injection vulnerabili...
CVE-2020-5792
creationtimestamp| type| source ---|---|--- 2021-03-26 23:19:21+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/nagiosxiscanner.rb 2021-04-20 19:39:18+00:00| seen|...
CVE-2020-5792
Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user...
CVE-2020-5792
Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user...
CVE-2020-5792
CVE-2020-5792 affects Nagios XI 5.7.3 (and components/nxti) where improper neutralization of argument delimiters in a command allows a remote, authenticated admin to write arbitrary files and ultimately execute code with the apache user. Root cause: command injection via includes/components/nxti/...