Nagios XI 5.7.3 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI 5.6.0-5.7.3 - Mibs.php Authenticated Remote Code Exection', 'Description' = %q This module exploits CVE-2020-5791, an OS command...

Nagios XI 5.6.0-5.7.3 - Mibs.php Authenticated Remote Code Exection

This module exploits CVE-2020-5791, an OS command injection vulnerability in admin/mibs.php that enables an authenticated user with admin privileges to achieve remote code execution as either the apache user or the www-data user on NagiosXI version 5.6.0 to 5.7.3 inclusive exact user depends on t...

Nagios XI mibs.php Command Injection (CVE-2020-5791)

A command injection vulnerability exists in Nagios XI. This vulnerability is due to insufficient validation of the input parameters in the mibs.php...