CVE-2021-40345

Published
View on NVD ↗
CVSS v3
7.2
HIGH
CVSS v2
9
HIGH
Affected
1
PROJECT

Description

An issue was discovered in Nagios XI 5.8.5. In the Manage Dashlets section of the Admin panel, an administrator can upload ZIP files. A command injection (within the name of the first file in the archive) allows an attacker to execute system commands.

ArianeBlow/NagiosXI-RCE-all-version-CVE-2021-40345
ArianeBlow/NagiosXI-RCE-all-version-CVE-2021-40345
RFI to RCE Nagios/NagiosXI exploitation
GitHubGitHub