Vulnerability in N/a
CVE-2021-40344
An issue was discovered in Nagios XI 5.8.5. In the Custom Includes section of the Admin panel, an administrator can upload files with arbitrary extensions as long as the MIME type corresponds to an image. Therefore it is possible to upload…
EPSS: 0.692 (98.7th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- assets.nagios.com/downloads/nagiosxi/CHANGES-5.TXT (x_refsource_MISC)
- synacktiv.com (x_refsource_MISC)
- www.synacktiv.com/sites/default/files/2021-10/Nagios_XI_multiple_vulnerabilitie… (x_refsource_MISC)