Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-13986

Nagios XI < 2024R1.3.2 contains a remote code execution vulnerability by chaining two flaws: an arbitrary file upload and a path traversal in the Core Config Snapshots interface. The issue arises from insufficient validation of file paths and extensions during MIB upload and snapshot rename operations. Exploitation results in the placement of attacker-controlled PHP files in a web-accessible directory, executed as the www-data user.

Published

2025-08-28T16:15:32.883

Last Modified

2025-11-04T23:15:33.787

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses

Type: Secondary
CWE-22
CWE-434
Type: Primary
CWE-22
CWE-434

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	nagios	nagios_xi	< 2024	Yes
Application	nagios	nagios_xi	2024	Yes
Application	nagios	nagios_xi	2024	Yes
Application	nagios	nagios_xi	2024	Yes
Application	nagios	nagios_xi	2024	Yes
Application	nagios	nagios_xi	2024	Yes
Application	nagios	nagios_xi	2024	Yes
Application	nagios	nagios_xi	2024	Yes
Application	nagios	nagios_xi	2024	Yes
Application	nagios	nagios_xi	2024	Yes
Application	nagios	nagios_xi	2024	Yes
Application	nagios	nagios_xi	2024	Yes
Application	nagios	nagios_xi	2024	Yes
Application	nagios	nagios_xi	2024	Yes

References

https://theyhack.me/Nagios-XI-Authenticated-RCE Exploit, Third Party Advisory ([email protected])
https://www.nagios.com/changelog/nagios-xi/ ([email protected])
https://www.nagios.com/products/security/#nagios-xi ([email protected])
https://www.vulncheck.com/advisories/nagios-xi-authenticated-arbitrary-file-upload-path-traversal-rce ([email protected])
https://theyhack.me/Nagios-XI-Authenticated-RCE/ Exploit, Third Party Advisory (134c704f-9b21-4f2e-91b3-4a467353bcc0)