exploitDog

CVE-2018-25123

Опубликовано: 30 окт. 2025

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Nagios XI versions prior to 5.5.7 contain a privilege escalation vulnerability in the MRTG graphing component. MRTG-related processes/scripts executed with excessive privileges, allowing a local attacker with limited system access to abuse file/command execution paths or writable resources to gain elevated privileges.

Ссылки

https://www.nagios.com/changelog/nagios-xi/
Release Notes
https://www.vulncheck.com/advisories/nagios-xi-privilege-escalation-via-mrtg-graphing-component
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*

Версия до 5.5.7 (исключая)

EPSS

Процентиль: 6%

0.00024

Низкий

7.8 High

CVSS3

Дефекты

CWE-250

Связанные уязвимости

GHSA-cg42-mqc9-9fhp

CVSS3: 7.8

github

3 месяца назад

Nagios XI versions prior to 5.5.7 contain a privilege escalation vulnerability in the MRTG graphing component. MRTG-related processes/scripts executed with excessive privileges, allowing a local attacker with limited system access to abuse file/command execution paths or writable resources to gain elevated privileges.

EPSS

Процентиль: 6%

0.00024

Низкий

7.8 High

CVSS3

Дефекты

CWE-250