CVE-2026-2041

Nagios Host zabbixagentconfigwizardfunc Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vulnerability. The specific flaw exists within t...

CVE-2026-2043

Nagios Host esensorswebsensorconfigwizardfunc Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vulnerability. The specific flaw exists...

CVE-2026-2041

Nagios Host zabbixagentconfigwizardfunc Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vulnerability. The specific flaw exists within t...

Nagios XI 操作系统命令注入漏洞

Nagios XI is a IT infrastructure monitoring solution developed by the American company Nagios. This solution supports monitoring and early alerts for applications, services, operating systems, etc. Nagios XI has a vulnerability related to operating system command injection. This vulnerability ste...

Nagios XI 操作系统命令注入漏洞

Nagios XI is a IT infrastructure monitoring solution developed by the American company Nagios. This solution supports monitoring and early alerts for applications, services, operating systems, etc. Nagios XI has a vulnerability related to operating system command injection. This vulnerability ste...

Nagios Host esensors_websensor_configwizard_func Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vulnerability. The specific flaw exists within the esensorswebsensorconfigwizardfunc method. The issue results from the lack of proper validati...

CVE-2021-3193

Improper access and command validation in the Nagios Docker Config Wizard before 1.1.2, as used in Nagios XI through 5.7, allows an unauthenticated attacker to execute remote code as the apache user...

CVE-2022-37108

Summary: CVE-2022-37108 is an injection vulnerability in the syslog-ng configuration wizard of Securonix Snypr 6.4. An application user with the Manage Ingesters permission can coerce remote ingesters to execute arbitrary code by appending text to system-executed files (e.g., crontab entries). Te...

PT-2021-7646 · Nagios Xi · Nagios Xi

Name of the Vulnerable Software and Affected Versions: Nagios XI version xi-5.7.5 Description: The issue is related to OS command injection due to improper sanitization of authenticated user-controlled input by a single HTTP request. This can lead to OS command injection on the Nagios XI server...

CVE-2021-3193

Improper access and command validation in the Nagios Docker Config Wizard before 1.1.2, as used in Nagios XI through 5.7, allows an unauthenticated attacker to execute remote code as the apache user...

Improper access control

Improper access and command validation in the Nagios Docker Config Wizard before 1.1.2, as used in Nagios XI through 5.7, allows an unauthenticated attacker to execute remote code as the apache user...

CVE-2021-3193

CVE-2021-3193 affects the Nagios Docker Config Wizard (before 1.1.2) as used in Nagios XI up to v5.7. The issue is improper access and command validation, allowing an unauthenticated attacker to execute remote code as the apache user. The connected documents confirm the vulnerable component and t...

CVE-2021-3193

Improper access and command validation in the Nagios Docker Config Wizard before 1.1.2, as used in Nagios XI through 5.7, allows an unauthenticated attacker to execute remote code as the apache user...