Permissions missuses in Nagios XI 5.7.4

Overview :
Permissions missuses in Nagios
Affected Product(s) :
  • Nagios XI 5.7.4
Vulnerability Details :
CVE ID : CVE-2020-5796
Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticated user to weaken the permissions of files, resulting in low-privileged users being able to write to and execute arbitrary PHP code with root privileges.

Solution :

Upgrade to Nagios XI 5.7.5 or newer.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-3270 : FESTO VTEM-S1 INSUFFICIENT TECHNICAL DOCUMENTATION

CVE-2022-3270 : FESTO VTEM-S1 INSUFFICIENT TECHNICAL DOCUMENTATION

Description In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead

CVE-2022-4221 : ASUS NAS-M25 UP TO 1.0.1.7 COOKIE OS COMMAND INJECTION

CVE-2022-4221 : ASUS NAS-M25 UP TO 1.0.1.7 COOKIE OS COMMAND INJECTION

Description Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability in Asus NAS-M25 allows an

CVE-2022-45045 : XIONGMAI MBD6304T/NBD6808T-PL JSON FILE DESERIALIZATION

CVE-2022-45045 : XIONGMAI MBD6304T/NBD6808T-PL JSON FILE DESERIALIZATION

Description Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root,