nagios-status-page: Nagios Current Status Page - Detect

漏洞描述

PoC代码[已公开]

id: nagios-status-page

info:
  name: Nagios Current Status Page - Detect
  author: dhiyaneshDk
  severity: medium
  description: Nagios current status page was detected.
  reference:
    - https://www.exploit-db.com/ghdb/6918
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cwe-id: CWE-200
  metadata:
    max-request: 3
  tags: exposure,nagios,status,edb,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/nagios/cgi-bin/status.cgi'
      - '{{BaseURL}}/cgi-bin/nagios4/status.cgi'
      - '{{BaseURL}}/cgi-bin/nagios3/status.cgi'

    matchers:
      - type: word
        words:
          - Current Network Status
# digest: 4a0a00473045022071f8d7764fee78b9810115ce00f26d449faeb00cfa066881e105dba5b9ff9b720221008e9aaada18c9c462d34bc767e89c31bc3b7bf01f4b486853ea71d3284db1b8ce:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• POC CVE-2018-10735: NagiosXI <= 5.4.12 `commandline.php` SQL injection
• POC CVE-2018-10736: NagiosXI <= 5.4.12 - SQL injection
• POC CVE-2018-10737: NagiosXI <= 5.4.12 logbook.php SQL injection
• POC CVE-2018-10738: NagiosXI <= 5.4.12 menuaccess.php - SQL injection
• POC CVE-2021-25296: Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection
• POC CVE-2021-25297: Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection
• POC CVE-2021-25298: Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection
• POC CVE-2021-25299: Nagios XI 5.7.5 - Cross-Site Scripting
• POC CVE-2021-38156: Nagios XI < 5.8.6 - Cross-Site Scripting
• POC CVE-2022-29272: Nagios XI <5.8.5 - Open Redirect
• POC CVE-2023-40931: Nagios XI v5.11.0 - SQL Injection
• POC CVE-2023-48084: Nagios XI < 5.11.3 - SQL Injection
• POC CVE-2018-10735: Nagios XI commandline.php SQL Inject