Nagios XI 5.5.6 allows remote authenticated attackers to execute arbitrary commands via a crafted HTTP request.

Published : 2018-11-14 18:29 Updated : 2018-12-06 20:46

CVSS Score More info
Score 6.5 / 10
Vendor Product Version URI
Nagios Nagios Xi 5.5.6 cpe:/a:nagios:nagios_xi:5.5.6
  1. Nagios (1) Search CVE
    1. Nagios Xi (1) Search CVE
      1. 5.5.6


ID Name Description Links
CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection') The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. CVE

History of changes

Date Event
2018-12-06 20:46
2018-11-14 18:29