What is CVE-2024-24401?

CVE-2024-24401 is a vulnerability in N/a. Published 2024-02-26.

Is CVE-2024-24401 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2024-24401

SQL Injection vulnerability in Nagios XI 2024R1.01 allows a remote attacker to execute arbitrary code via a crafted payload to the monitoringwizard.php component.

EPSS: 0.580 (98.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

MAWK0235/CVE-2024-24401
JIBEG-UNIX/CVE-2024-24401
ARPSyndicate/cve-scores
fkie-cad/nvd-json-data-feeds
nomi-sec/PoC-in-GitHub

References

www.nagios.com/changelog/

Frequently asked questions

What is CVE-2024-24401?: CVE-2024-24401 is a vulnerability in N/a. Published 2024-02-26.
Is CVE-2024-24401 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.