Nagios.XI.cmdsubsys.php.Archive.Name.Command.Injection
Description
This indicates an attack attempt to exploit a Command Injection Vulnerability in Nagios Enterprises Nagios XI.
The vulnerability is due to lack of input sanitization on the names of user-uploaded archive files. A remote, authenticated attacker could exploit this vulnerability by uploading crafted files to the target server. Successful exploitation allows the attacker to execute arbitrary commands under the security context of the nagios user.
Affected Products
Nagios Enterprises Nagios XI prior to 5.8.6
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.nagios.com/downloads/nagios-xi/change-log/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |