CVE-2019-9165

CVE-2019-9165

EPSS 5.3%

SQL injection vulnerability in Nagios XI before 5.5.11 allows attackers to execute arbitrary SQL commands via the API when using fusekeys and malicious user id.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/152496/Nagios-XI-5.5.10-XSS-Remote-Code-Execution.html https://www.nagios.com/downloads/nagios-xi/change-log/https://www.nagios.com/products/security/