Threat Advisories - NVD Disclosed February 15, 2021

CVE-2021-25298

Nagios XI Command Injection Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Nagios XI allows attackers to inject and execute commands on the server, impacting system integrity and data. This occurs through improper handling of authenticated user input in a configuration wizard. The risk to affected organizations includes potential disruption of monitoring operations and expo

NVD published: February 15, 2021 • CISA KEV

CVE advisoryKnown Exploit

CVE-2021-25297

Nagios XI OS Command Injection Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Nagios XI allows authenticated users to inject OS commands, potentially compromising the server. This impacts system availability and data integrity. Organizations face business risk from unauthorized command execution and system control.

NVD published: February 15, 2021 • CISA KEV

CVE advisoryKnown Exploit

CVE-2021-25296

Nagios XI OS Command Injection Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Nagios XI allows attackers to inject OS commands, potentially affecting server integrity and data. The risk arises from improper input handling in a configuration wizard. Remediation involves applying vendor updates.

NVD published: February 15, 2021 • CISA KEV