Описание
Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection.
Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-8735
- https://assets.nagios.com/downloads/nagiosxi/CHANGES-5.TXT
- https://blog.redactedsec.net/exploits/2018/04/26/nagios.html
- https://gist.github.com/caleBot/f0a93b5a98574393e0139104eacc2d0f
- https://www.exploit-db.com/exploits/44560
- https://www.exploit-db.com/exploits/44969
- https://www.nagios.com/downloads/nagios-xi/change-log
Связанные уязвимости
Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection.
Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection.