Exploit for #VU36396 Input validation error in Nagios XI

Exploit for #VU36396 Input validation error in Nagios XI

Published: 2021-06-17

Vulnerability identifier: #VU36396

Vulnerability risk: High

CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-15708

CWE-ID: CWE-20

Exploitation vector: Network

Exploits in database: 2

June 17, 2021
- Nagios XI 5.5.6 - Magpie_debug.php Root Remote Code Execution (Metasploit) [Exploit-DB]
- Nagios XI 5.5.6 - Remote Code Execution / Privilege Escalation [Exploit-DB]

Impact: Code execution

Vulnerable software:
Nagios XI
Server applications / Other server solutions

Vendor: nagios.org