nagiosxi-installer: Nagios XI Installer

漏洞描述

PoC代码[已公开]

id: nagiosxi-installer

info:
  name: Nagios XI Installer
  author: ritikchaddha
  severity: high
  description: Nagios XI is susceptible to the Installation page exposure due to misconfiguration.
  classification:
    cpe: cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: nagios
    product: nagios_xi
    shodan-query: title:"Nagios XI"
  tags: misconfig,exposure,install,nagiosxi,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/nagiosxi/install.php'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'Nagios XI Installation'

      - type: status
        status:
          - 200
# digest: 4a0a004730450220671e9f650aa22f0f6ccc67045f3d9ef3ba39e8d6c0f424e74d64bd982afb86c0022100c12bd0d1ab760fa77c876718b064345e852adff8edfa9b83a3fd5a3d7d647261:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• POC fork-installer: Fork CMS - Installer
• POC roundcube-installer-exposure: Roundcube Webmail Installer - Exposure
• Nagios XI-默认口令漏洞
• POC metabase-installer-exposure: Metabase Installer - Exposure
• Nagios Log Server 需授权 命令注入漏洞
• Nagios Log Server 权限管理不当漏洞
• POC churchcrm-installer: ChurchCRM - Setup Exposure
• POC CVE-2017-17736: Kentico - Installer Privilege Escalation
• POC CVE-2018-10735: NagiosXI <= 5.4.12 `commandline.php` SQL injection
• POC CVE-2018-10736: NagiosXI <= 5.4.12 - SQL injection
• POC CVE-2018-10737: NagiosXI <= 5.4.12 logbook.php SQL injection
• POC CVE-2018-10738: NagiosXI <= 5.4.12 menuaccess.php - SQL injection
• POC CVE-2021-25296: Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection