Multiple OS command injection vulnerabilities in Nagios XI
by CIRT Team
Description:
CVE-2021-25296
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.
Mitigation:
Upgrade the Windows WMI config wizard from Admin > Manage Config Wizards to version 2.2.3 or above.
CVE-2021-25297
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.
Mitigation:
Upgrade the Switch config wizard from Admin > Manage Config Wizards to version 2.5.4 or above.
CVE-2021-25298
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.
Mitigation:
Upgrade the Cloud-VM config wizard from Admin > Manage Config Wizards to version 1.0.4 or above.
Impact:
Base Score: 8.8 HIGH
OS command injection as the apache user through variables passed into the Config Wizard.
System Affected:
Nagios XI: 5.7.5
Mitigation: Updates are available. Please see the references or vendor advisory for more information.
Reference URL’s:
https://www.nagios.com/products/security/
https://assets.nagios.com/downloads/nagiosxi/versions.php
https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md
https://www.nagios.com
https://nvd.nist.gov/vuln/detail/CVE-2021-25296
https://nvd.nist.gov/vuln/detail/CVE-2021-25297
https://nvd.nist.gov/vuln/detail/CVE-2021-25298
Recommended Posts
Cyber Threat Alert: Surge in Attacks via Compromised Third-Party Service Providers
08 Feb 2024 - Articles, English articles, Security Advisories & Alerts
Subscribe here
MEMBER OF:
