2 matches found
Nagios XI Command Injection (CVE-2019-20197)
A command Injection vulnerability exists in Nagios XI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2019-20197
In Nagios XI 5.6.9, CVE-2019-20197 describes an OS command-injection vulnerability where an authenticated user can execute arbitrary commands via shell metacharacters in the id parameter to schedulereport.php, running with the web-server user context. The issue is triggered by crafted input, enab...