Vulnerability in N/a
CVE-2021-25296
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlle…
EPSS: 0.933 (99.8th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
CISA KEV (Known Exploited Vulnerabilities)
This CVE is on the CISA KEV catalog, added on . CISA KEV inclusion means CISA has confirmed in-the-wild exploitation; US federal agencies are required to remediate within a published due date.
BOD 22-01 due date: .
Required action: Apply updates per vendor instructions.
Public proof-of-concept exploits
References
- nagios.com
- assets.nagios.com/downloads/nagiosxi/versions.php
- github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md
- packetstormsecurity.com/files/161561/Nagios-XI-5.7.5-Remote-Code-Execution.html
- packetstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.html
- www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-meta…
Frequently asked questions
- What is CVE-2021-25296?
- CVE-2021-25296 is a vulnerability in N/a. Published 2021-02-15.
- Is CVE-2021-25296 known to be exploited?
- Yes. CVE-2021-25296 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2022-01-18), indicating it is being actively exploited. 10 public proof-of-concept repositories are indexed.