What is CVE-2018-8733?

CVE-2018-8733 is a vulnerability in N/a. Published 2018-04-18.

Is CVE-2018-8733 known to be exploited?

10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-8733

Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability.

EPSS: 0.771 (99.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

gist.github.com/caleBot/f0a93b5a98574393e0139104eacc2d0f (x_refsource_MISC)
44560 (exploit, x_refsource_EXPLOIT-DB)
www.nagios.com/downloads/nagios-xi/change-log/ (x_refsource_MISC)
blog.redactedsec.net/exploits/2018/04/26/nagios.html (x_refsource_MISC)
assets.nagios.com/downloads/nagiosxi/CHANGES-5.TXT (x_refsource_MISC)
44969 (exploit, x_refsource_EXPLOIT-DB)

Frequently asked questions

What is CVE-2018-8733?: CVE-2018-8733 is a vulnerability in N/a. Published 2018-04-18.
Is CVE-2018-8733 known to be exploited?: 10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.