2 matches found
CVE-2024-13986
Nagios XI 2024R1.3.2 contains a remote code execution vulnerability by chaining two flaws: an arbitrary file upload and a path traversal in the Core Config Snapshots interface. The issue arises from insufficient validation of file paths and extensions during MIB upload and snapshot rename...
PT-2025-35099
Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 2024R1.3.2 Description: Nagios XI is susceptible to remote code execution due to chained flaws: an arbitrary file upload and a path traversal within the Core Config Snapshots interface. Insufficient validation of...