← back
CVE-2021-25298

CVE-2021-25298

CVSS 8.8 HIGHEPSS 75.2%● KEVCWE-78
Vexday Risk Score
100Fix now
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 8.8EPSS 75.2%KEV simPoC públicaNuclei simMetasploit simPatch
Lifecycle
13 Feb 2021Metasploit module available
15 Feb 2021Published on NVD
18 Jan 2022Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

Nagios XI 5.7.5 allows authenticated users to inject operating system commands through a cloud-vm configuration wizard, potentially giving attackers complete control of the server.

Technical detail

OS command injection vulnerability in /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php exploitable via authenticated HTTP requests with unsanitized input parameters. Attack requires valid Nagios XI credentials; successful exploitation enables arbitrary command execution with server privileges.

Summary generated and translated by AI from the official description.
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
public PoCs found2
cve_referencepacketstormsecurity.com/files/161561/Nagios-XI-5.7.5-Remote-Code-Execution.htmlunverifiedcve_referencepacketstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.htmlunverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://nagios.comhttp://packetstormsecurity.com/files/161561/Nagios-XI-5.7.5-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.htmlhttps://assets.nagios.com/downloads/nagiosxi/versions.phphttps://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.mdhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25298https://www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-metasploit-module-and