CVE-2021-25297 Scanner
Detects 'OS Command Injection' vulnerability in Nagios XI affects v. xi-5.7.5.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
4 week
Scan only one
Domain, Ipv4
Toolbox
-
Nagios XI is an open-source and enterprise-class server monitoring solution, primarily developed for Linux and Unix operating systems. This software provides a comprehensive view of the entire IT infrastructure, including servers, network devices, applications, and services. Nagios XI can detect server or network device issues before they escalate into major problems. Moreover, it helps to maintain the optimal performance of IT resources by monitoring availability, response time, and other key performance metrics.
CVE-2021-25297 is an OS command injection vulnerability that affects Nagios XI version xi-5.7.5. This security issue is located in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php. The vulnerability is caused due to the inadequate sanitization of authenticated user-controlled input by a single HTTP request. As a result, an attacker can inject malicious code into the server and execute arbitrary commands with the privileges of the application or server user.
The exploitation of CVE-2021-25297 has severe consequences for the affected system. When exploited, the attackers can gain full control over the server and steal sensitive data, disrupt services, and compromise the entire infrastructure. The attackers can use this vulnerability to launch further attacks, such as ransomware or data exfiltration, to cause significant financial and reputational damages.
In conclusion, Nagios XI is a powerful monitoring tool used by many organizations to ensure the optimal performance of their IT infrastructure. However, it is crucial to stay alert to vulnerabilities like CVE-2021-25297 and take necessary precautions to protect against them. By utilizing the pro features of the s4e.io platform, readers can quickly and easily learn about vulnerabilities in their digital assets and safeguard them against potential cyberattacks.
REFERENCES
- http://nagios.com
- http://packetstormsecurity.com/files/161561/Nagios-XI-5.7.5-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.html
- https://assets.nagios.com/downloads/nagiosxi/versions.php
- https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md
- https://www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-metasploit-module-and