Vulnerability in N/a
CVE-2021-25297
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php due to improper sanitization of authenticated user-controlled input…
EPSS: 0.819 (99.2th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
CISA KEV (Known Exploited Vulnerabilities)
This CVE is on the CISA KEV catalog, added on . CISA KEV inclusion means CISA has confirmed in-the-wild exploitation; US federal agencies are required to remediate within a published due date.
BOD 22-01 due date: .
Required action: Apply updates per vendor instructions.
Public proof-of-concept exploits
References
- nagios.com
- assets.nagios.com/downloads/nagiosxi/versions.php
- github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md
- packetstormsecurity.com/files/161561/Nagios-XI-5.7.5-Remote-Code-Execution.html
- packetstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.html
- www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-meta…
Frequently asked questions
- What is CVE-2021-25297?
- CVE-2021-25297 is a vulnerability in N/a. Published 2021-02-15.
- Is CVE-2021-25297 known to be exploited?
- Yes. CVE-2021-25297 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2022-01-18), indicating it is being actively exploited. 7 public proof-of-concept repositories are indexed.