Nagios XI Remote Code Execution

Posted on 15 April 2021

This Metasploit module exploits a command injection vulnerability in the /admin/monitoringplugins.php page of Nagios XI versions prior to 5.8.0 when uploading plugins. Successful exploitation allows an authenticated admin user to achieve remote code execution as the apache user by uploading a malicious plugin. Valid credentials for a Nagios XI admin user are required. This module has been successfully tested against Nagios versions XI 5.3.0 and 5.7.5, both running on CentOS 7.

TOP

Malware :

HackTool:Win64/ProcHack
Trojan:Win64/SvcMiner.A
HackTool:Win64/Reflectivensa.gen!A
Trojan:Win64/CoinMiner
Backdoor:Win64/Diovule.A

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20