mirror of
https://github.com/0xMarcio/cve.git
synced 2026-06-01 06:51:35 +02:00
marc
783 B
783 B
CVE-2020-28648
Description
Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code.
POC
Reference
- http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html
- https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/