The vulnerability of the panorama.pm web interface component in monitoring consoles for Naemon, Nagios, Icinga, and Shinken THRUK allows a hacker to load any file they desire.

The vulnerability of the panorama.pm web interface of the monitoring console for Naemon, Nagios, Icinga, and Shinken THRUK relates to an incorrect limitation on the path name to the restricted directory. Exploiting this vulnerability allows a malicious actor to download any file remotely...