Nagios XI 5.5.6 allows local authenticated attackers to escalate privileges to root via Autodiscover_new.php.

Published : 2018-11-14 18:29 Updated : 2019-01-24 11:29

CVSS Score More info
Score 7.2 / 10
Vendor Product Version URI
Nagios Nagios Xi 5.5.6 cpe:/a:nagios:nagios_xi:5.5.6
  1. Nagios (1) Search CVE
    1. Nagios Xi (1) Search CVE
      1. 5.5.6


ID Name Description Links
CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection') The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. CVE

History of changes

Date Event
2019-01-24 11:29
2018-12-06 20:52
2018-11-14 18:29