:: Deepquest ::

This Metasploit module exploits an OS command injection vulnerability in includes/components/nxti/index.php that enables an authenticated user with admin privileges to achieve remote code execution as the apache user. Valid credentials for a Nagios XI admin user are required. This module has been successfully tested against Nagios XI 5.7.3 running on CentOS 7.