Lucene search
K

8 matches found

GithubExploit
GithubExploit
added 2026/03/17 9:24 p.m.150 views

Exploit for OS Command Injection in Nagios Nagios_Xi

Nagios-CVE-2019-15949-RCE-Poc a python PoC for the CVE-2019-15...

9CVSS5.8AI score0.77741EPSS
Exploits13
RedhatCVE
RedhatCVE
added 2025/05/22 10:19 a.m.7 views

CVE-2019-15949

Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile profile.php?cmd=download, is executed as root via a...

9CVSS7.4AI score0.77741EPSS
Exploits13References1
Packet Storm
Packet Storm
added 2025/04/08 12:0 a.m.238 views

📄 Nagios Xi 5.6.6 Remote Code Execution

Nagios Xi version 5.6.6 proof of concept authenticated remote code execution exploit. Exploit Title: Nagiosxi authenticated Remote Code Execution Date: 17/02/2024 Exploit Author: Calil Khalil Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Version: Nagios Xi 5.6.6 Tested on: Ubuntu CV...

9CVSS9AI score0.77741EPSS
Exploits13
Exploit DB
Exploit DB
added 2025/04/08 12:0 a.m.198 views

Nagios Xi 5.6.6 - Authenticated Remote Code Execution (RCE)

Exploit Title: Nagiosxi authenticated Remote Code Execution Date: 17/02/2024 Exploit Author: Calil Khalil Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Version: Nagios Xi 5.6.6 Tested on: Ubuntu CVE : CVE-2019-15949 python3 exp.py -t https:/// -b // -u user -p 'password' -lh -lp -k...

9CVSS7.4AI score0.77741EPSS
Exploits13
VulnCheck KEV
VulnCheck KEV
added 2021/11/03 12:0 a.m.4 views

VulnCheck KEV: CVE-2019-15949

Nagios XI contains a remote code execution vulnerability in which a user can modify the checkplugin executable and insert malicious commands to execute as root...

9CVSS7.9AI score0.77741EPSS
Exploits13References1
Packet Storm
Packet Storm
added 2021/04/14 12:0 a.m.515 views

Nagios XI getprofile.sh Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI Prior to 5.6.6 getprofile.sh Authenticated Remote Command Execution', 'Description' = %q This module exploits a vulnerability in the...

9CVSS0.4AI score0.77741EPSS
Exploits13
Circl
Circl
added 2020/03/10 12:0 a.m.24 views

CVE-2019-15949

creationtimestamp| type| source ---|---|--- 2020-03-10 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48191 2021-03-26 23:19:21+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/nagiosxiscanner.rb 2021-04-14 00:06:12+00:00| seen...

9CVSS7.3AI score0.77741EPSS
Exploits13References8
ATTACKERKB
ATTACKERKB
added 2019/09/05 12:0 a.m.64 views

CVE-2019-15949

Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile profile.php?cmd=download, is executed as root via a...

9CVSS8.8AI score0.77741EPSS
In wildExploits13References4
Rows per page
Query Builder