Описание
Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in visApi.php. An authenticated user can inject system commands via unsanitized parameters such as host, resulting in remote code execution.
Ссылки
EPSS
Процентиль: 98%
0.46601
Средний
Дефекты
CWE-78
Связанные уязвимости
github
6 месяцев назад
Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in `visApi.php`. An authenticated user can inject system commands via unsanitized parameters such as `host`, resulting in remote code execution.
EPSS
Процентиль: 98%
0.46601
Средний
Дефекты
CWE-78