Nagios XI 5.7.3 Remote Code Execution
Posted by deepcore on April 20, 2021 – 10:42 pm
This Metasploit module exploits CVE-2020-5791, an OS command injection vulnerability on Nagios XI versions 5.6.0 through 5.7.3 in admin/mibs.php that enables an authenticated user with admin privileges to achieve remote code execution as either the apache user or the www-data user.
Post a reply
You must be logged in to post a comment.