2 matches found
Nagios XI Command Injection (CVE-2021-40345)
A command injection vulnerability exists in Nagios Xi. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2021-40345
CVE-2021-40345 affects Nagios XI 5.8.5. In the Admin panel’s Manage Dashlets, an administrator-uploaded ZIP can trigger a command injection via the name of the first file in the archive, enabling execution of system commands. Several sources document authenticated command-injection abuse (includi...