CVE-2020-22427

CVE-2020-22427 affects NagiosXI 5.6.11 and is an RCE vulnerability where an authenticated nagiosadmin user can inject additional commands into a request. The connected Red Hat/PRION/PTSecurity entries corroborate an authenticated-command-injection path leading to remote code execution, but no ven...

NagiosXI 5.6.11 start / end / step Remote Code Execution Exploit

Exploit for php platform in category web applications Title: Postauth RCE in NagiosXI 5.6.11 Vendor: www.nagios.com Vulnerable software: https://www.nagios.com/downloads/nagios-xi/vmware/ Repo: https://github.com/c610/free/ email protected:/src/eonila/nagiospox$ cat nagiospox.py !/usr/bin/env...

Fedora Nagios package design flaw vulnerability

The Fedora Nagios package is a package with computer system and network monitoring features developed by the Fedora Project community. A security vulnerability exists in the Fedora Nagios package that stems from the nagiosadmin administrator using nagiosadmin as the default password. A remote...

CVE-2016-0726

The Fedora Nagios package uses "nagiosadmin" as the default password for the "nagiosadmin" administrator account, which makes it easier for remote attackers to obtain access by leveraging knowledge of the credentials...

Nagios Admin 1.0 & 0.9.2 - Multiple Web Vulnerabilities

Document Title: =============== Nagios Admin 1.0 & 0.9.2 - Multiple Web Vulnerabilities Release Date: ============= 2011-07-18 Vulnerability Laboratory ID VL-ID: ==================================== 52 Product & Service Introduction: =============================== Ab sofort steht der...

Nagios XI Multiple Cross Site Request Forgery Vulnerabilities

Nagios XI is prone to multiple cross-site request-forgery vulnerabilities because the application fails to properly validate HTTP requests. Successful exploit requires that the 'nagiosadmin' be logged into the web interface. Attackers can exploit these issues to gain unauthorized access to the...