Lucene search

17 matches found

RedhatCVE
added 2025/10/31 10:7 p.m. | 2 views

CVE-2025-34287

Nagios XI versions prior to 2024R2 contain an improperly owned script, processperfdata.pl, which is executed periodically as the nagios user but owned by www-data. Because the file was writable by www-data, an attacker with web server privileges could modify its contents, leading to arbitrary cod...

CVSS 8.4 | AI score 7.5 | EPSS 0.0001
Exploits 0 | References 1

RedhatCVE
added 2025/10/31 10:7 p.m. | 2 views

CVE-2025-34274

Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges vulnerability as it runs its embedded Logstash process as the root user. If an attacker is able to compromise the Logstash process - for example by exploiting an insecure plugin, pipeline configuration...

CVSS 9.8 | AI score 7.3 | EPSS 0.01472
Exploits 0 | References 1

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-8000

Malware in sbrugna...

CVSS 9.3 | AI score 8.2 | EPSS 0.00969
Exploits 3 | References 6

RedhatCVE
added 2025/09/26 5:49 p.m. | 3 views

CVE-2025-34227

Nagios XI 2026R1 is vulnerable to an authenticated command injection vulnerability within the MongoDB Database, MySQL Query, MySQL Server, Postgres Server, and Postgres Query wizards. It is possible to inject shell characters into arguments provided to the service and execute arbitrary system...

CVSS 8.8 | AI score 8.1 | EPSS 0.06338
Exploits 2 | References 1

ATTACKERKB
added 2025/09/25 5:8 p.m. | 1 views

CVE-2025-34227

Nagios XI 2026R1 is vulnerable to an authenticated command injection vulnerability within the MongoDB Database, MySQL Query, MySQL Server, Postgres Server, and Postgres Query wizards. It is possible to inject shell characters into arguments provided to the service and execute arbitrary system...

CVSS 8.8 | AI score 6 | EPSS 0.06338
Exploits 2 | References 5

Positive Technologies
added 2025/09/25 12:0 a.m. | 3 views

PT-2025-39429

Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 2026R1. Description: Nagios XI is susceptible to an authenticated command injection issue present in the MongoDB Database, MySQL Query, MySQL Server, Postgres Server, and Postgres Query wizards. Successful exploitatio...

CVSS 8.6 | AI score 7.5 | EPSS 0.06338
Exploits 2 | References 7

Prion
added 2021/10/26 11:15 a.m. | 13 views

Code injection

An issue was discovered in Nagios XI 5.8.5. Insecure file permissions on the nagiosunbundler.py file allow the nagios user to elevate their privileges to the root user...

CVSS 7.2 | AI score 7.6 | EPSS 0.00657
Exploits 1 | References 3 | Affected Software 1

Prion
added 2019/09/05 5:15 p.m. | 21 views

Command injection

Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile (profile.php?cmd=download), is executed as root via a...

CVSS 9 | AI score 8.8 | EPSS 0.86916
Exploits 13 | References 3 | Affected Software 1

ATTACKERKB
added 2019/09/05 12:0 a.m. | 63 views

CVE-2019-15949

Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile (profile.php?cmd=download), is executed as root via a...

CVSS 9 | AI score 8.8 | EPSS 0.86916
In wild | Exploits 13 | References 4

OSV
added 2018/09/05 9:29 p.m. | 2 views

CVE-2018-16145

The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 invokes a file that can be edited by the nagios user, and would allow attackers to elevate their privileges to root after a system restart, hence obtaining full control of...

CVSS 8.1 | AI score 5.8 | EPSS 0.00969
Exploits 3 | References 4

OSV
added 2018/09/05 9:29 p.m. | 2 views

CVE-2018-16146

The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality accessible by an authenticated administrator to test notifications that are triggered under certain configurable events. The value parameter is not properly sanitized, leading to arbitrary command injection wi...

CVSS 7.2 | AI score 5.9
Exploits 0 | References 3

NVD
added 2018/09/05 9:29 p.m. | 17 views

CVE-2018-16145

The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 invokes a file that can be edited by the nagios user, and would allow attackers to elevate their privileges to root after a system restart, hence obtaining full control of...

CVSS 9.3 | AI score 8.1 | EPSS 0.00969
Exploits 3 | References 4

CVE
added 2018/09/05 9:0 p.m. | 48 views

CVE-2018-16145

Opsview Monitor vulnerability CVE-2018-16145 affects the boot-time script /etc/init.d/opsview-reporting-module, which runs with Nagios privileges and can be used to elevate to root after a reboot by editing the /opt/opsview/jasper/bin/db_jasper component. The root cause is that the vulnerable scr...

CVSS 9.3 | AI score 8.4 | EPSS 0.00969
Exploits 3 | References 4 | Affected Software 1

CNVD
added 2018/09/05 12:0 a.m. | 3 views

Opsview Monitor Local Elevation of Privilege Vulnerability

Opsview Monitor is a virtual appliance designed to be deployed in an organization's network infrastructure. It is bundled with a Web management console for monitoring and managing hosts and their services. Opsview Monitor suffers from a local elevation of privilege vulnerability that allows an...

CVSS 9.3 | AI score 8.2 | EPSS 0.00969
Exploits 3 | References 1

CNVD
added 2018/09/05 12:0 a.m. | 2 views

Opsview Monitor Command Execution Vulnerability

Opsview Monitor is a virtual appliance designed to be deployed in an organization's network infrastructure. It is bundled with a Web management console for monitoring and managing hosts and their services. Opsview Monitor has a command execution vulnerability that allows an attacker to gain acces...

CVSS 9 | AI score 7.6 | EPSS 0.10586
Exploits 3 | References 1

RedHat Linux
added 2017/02/07 11:16 a.m. | 2 views

nagios: Privilege escalation issue

A privilege escalation flaw was found in the way Nagios handled log files. An attacker able to control the Nagios logging configuration (the 'nagios' user/group) could use this flaw to elevate their privileges to root...

CVSS 7.8 | AI score 5.7 | EPSS 0.08602
Exploits 10 | References 5

Tenable Nessus
added 2013/06/28 12:0 a.m. | 37 views

GroundWork Monitor Enterprise Foundation Webapp Admin Arbitrary File Access

The remote host has a version of GroundWork Monitor Enterprise installed that has an arbitrary file access vulnerability in the Foundation Webapp Admin interface. By sending a specially crafted HTTP request, it is possible for a remote attacker to read or modify files the nagios user has access t...

CVSS 7.5 | AI score 5.8 | EPSS 0.00518
Exploits 0 | References 3