CVE-2018-8735
CVE-2018-8735
Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection.
Affected products
n/a · n/apublic PoCs found — 4
cve_referencewww.exploit-db.com/exploits/44560/unverifiedcve_referencewww.exploit-db.com/exploits/44969/unverifiedexploitdbwww.exploit-db.com/exploits/44969unverifiedexploitdbwww.exploit-db.com/exploits/44560unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://assets.nagios.com/downloads/nagiosxi/CHANGES-5.TXThttps://blog.redactedsec.net/exploits/2018/04/26/nagios.htmlhttps://gist.github.com/caleBot/f0a93b5a98574393e0139104eacc2d0fhttps://www.exploit-db.com/exploits/44560/https://www.exploit-db.com/exploits/44969/https://www.nagios.com/downloads/nagios-xi/change-log/