CVE-2021-25296 Scanner
Detects 'OS Command Injection' vulnerability in Nagios XI affects v. xi-5.7.5.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
4 week
Scan only one
Domain, Ipv4
Toolbox
-
Nagios XI is an enterprise-level IT infrastructure monitoring solution used to detect and resolve IT infrastructure issues before they affect critical business processes. It provides complete monitoring of networks, servers, applications, and services, all through a single pane of glass. It is widely used by organizations that require high availability and uptime for their critical business operations.
Unfortunately, Nagios XI is not immune to vulnerabilities. One such vulnerability is CVE-2021-25296. This vulnerability exists in the file "/usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php" due to incorrect sanitization of user-controlled input. As a result, authenticated users can inject operating system commands, leading to OS command injection on the Nagios XI server.
The exploitation of CVE-2021-25296 can lead to grave consequences. Attackers can leverage the vulnerability to execute arbitrary commands on the remote server with the permissions of the Nagios XI user account. With the right privileges, this can result in information disclosure, data theft, or even complete control of the system.
s4e.io provides comprehensive security solutions for businesses of all sizes. Thanks to the pro features of the platform, users can quickly and easily discover vulnerabilities in their digital assets. It enables enterprises to gain complete visibility into their assets, monitor for vulnerabilities and emerging threats, and prioritize remediation efforts to prevent security incidents. By using this platform, businesses can stay ahead of cybercriminals and protect their critical assets from harm.
REFERENCES
- http://nagios.com
- http://packetstormsecurity.com/files/161561/Nagios-XI-5.7.5-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.html
- https://assets.nagios.com/downloads/nagiosxi/versions.php
- https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md
- https://www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-metasploit-module-and