Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) Nagios 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote attackers to send commands to the Nagios process, and trigger execution of arbitrary programs by this process, via unspecified HTTP requests.
2008-11-10T15:23:29.563
2025-04-09T00:30:58.490
Deferred
CVSSv2: 6.8 (MEDIUM)
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.6
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | nagios | nagios | ≤ 3.0.4 | Yes |
| Application | nagios | nagios | 1.0 | Yes |
| Application | nagios | nagios | 1.0_b1 | Yes |
| Application | nagios | nagios | 1.0_b2 | Yes |
| Application | nagios | nagios | 1.0_b3 | Yes |
| Application | nagios | nagios | 1.0b1 | Yes |
| Application | nagios | nagios | 1.0b2 | Yes |
| Application | nagios | nagios | 1.0b3 | Yes |
| Application | nagios | nagios | 1.0b4 | Yes |
| Application | nagios | nagios | 1.0b5 | Yes |
| Application | nagios | nagios | 1.0b6 | Yes |
| Application | nagios | nagios | 1.1 | Yes |
| Application | nagios | nagios | 1.2 | Yes |
| Application | nagios | nagios | 1.3 | Yes |
| Application | nagios | nagios | 1.4 | Yes |
| Application | nagios | nagios | 1.4.1 | Yes |
| Application | nagios | nagios | 2.0 | Yes |
| Application | nagios | nagios | 2.0b1 | Yes |
| Application | nagios | nagios | 2.0b2 | Yes |
| Application | nagios | nagios | 2.0b3 | Yes |
| Application | nagios | nagios | 2.0b4 | Yes |
| Application | nagios | nagios | 2.0b5 | Yes |
| Application | nagios | nagios | 2.0b6 | Yes |
| Application | nagios | nagios | 2.0rc1 | Yes |
| Application | nagios | nagios | 2.0rc2 | Yes |
| Application | nagios | nagios | 2.1 | Yes |
| Application | nagios | nagios | 2.2 | Yes |
| Application | nagios | nagios | 2.3 | Yes |
| Application | nagios | nagios | 2.3.1 | Yes |
| Application | nagios | nagios | 2.4 | Yes |
| Application | nagios | nagios | 2.5 | Yes |
| Application | nagios | nagios | 2.7 | Yes |
| Application | nagios | nagios | 2.8 | Yes |
| Application | nagios | nagios | 2.9 | Yes |
| Application | nagios | nagios | 2.10 | Yes |
| Application | nagios | nagios | 2.11 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0 | Yes |
| Application | nagios | nagios | 3.0.1 | Yes |
| Application | nagios | nagios | 3.0.2 | Yes |
| Application | nagios | nagios | 3.0.3 | Yes |
| Application | op5 | monitor | ≤ 4.0.0 | Yes |
| Application | op5 | monitor | 2.4 | Yes |
| Application | op5 | monitor | 2.6 | Yes |
| Application | op5 | monitor | 2.8 | Yes |
| Application | op5 | monitor | 3.0 | Yes |
| Application | op5 | monitor | 3.0.0 | Yes |
| Application | op5 | monitor | 3.2 | Yes |
| Application | op5 | monitor | 3.2.4 | Yes |
| Application | op5 | monitor | 3.3.1 | Yes |
| Application | op5 | monitor | 3.3.2 | Yes |
| Application | op5 | monitor | 3.3.3 | Yes |