Vulnerabilities

CVE-2019-20197

by Fred · 31/12/2019

In Nagios XI 5.6.9, an authenticated user is able to execute arbitrary OS commands via shell metacharacters in the id parameter to schedulereport.php, in the context of the web-server user account.

Date published : 2019-12-31

https://code610.blogspot.com/2019/12/postauth-rce-in-latest-nagiosxi.html

Related

Tags: Cybersecurity Alert