Search Results | AttackerKB

Show filters

Topics 155 Users 9,710

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

155 Total Results

Displaying 31-40 of 155

Attacker Value

Unknown

CVE-2021-36365

Disclosure Date: September 28, 2021 (last updated February 23, 2025)

Nagios XI before 5.8.5 has Incorrect Permission Assignment for repairmysql.sh.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-36366

Disclosure Date: September 28, 2021 (last updated November 28, 2024)

Nagios XI before 5.8.5 incorrectly allows manage_services.sh wildcards.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-36364

Disclosure Date: September 28, 2021 (last updated November 28, 2024)

Nagios XI before 5.8.5 incorrectly allows backup_xi.sh wildcards.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-36363

Disclosure Date: September 28, 2021 (last updated February 23, 2025)

Nagios XI before 5.8.5 has Incorrect Permission Assignment for migrate.php.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-38156

Disclosure Date: September 15, 2021 (last updated February 23, 2025)

In Nagios XI before 5.8.6, XSS exists in the dashboard page (/dashboards/#) when administrative users attempt to edit a dashboard.

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2021-37350

Disclosure Date: August 13, 2021 (last updated February 23, 2025)

Nagios XI before version 5.8.5 is vulnerable to SQL injection vulnerability in Bulk Modifications Tool due to improper input sanitisation.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-37348

Disclosure Date: August 13, 2021 (last updated February 23, 2025)

Nagios XI before version 5.8.5 is vulnerable to local file inclusion through improper limitation of a pathname in index.php.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-37343

Disclosure Date: August 13, 2021 (last updated February 23, 2025)

A path traversal vulnerability exists in Nagios XI below version 5.8.5 AutoDiscovery component and could lead to post authenticated RCE under security context of the user running Nagios.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2021-37351

Disclosure Date: August 13, 2021 (last updated February 23, 2025)

Nagios XI before version 5.8.5 is vulnerable to insecure permissions and allows unauthenticated users to access guarded pages through a crafted HTTP request to the server.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-37344

Disclosure Date: August 13, 2021 (last updated February 23, 2025)

Nagios XI Switch Wizard before version 2.5.7 is vulnerable to remote code execution through improper neutralisation of special elements used in an OS Command (OS Command injection).

Attack Vector: Network Privileges: None User Interaction: None

0