Nagios XI 'visApi.php' Multiple Command Injection Vulnerabilities

Nagios XI is prone to multiple command-injection vulnerabilities because it fails to adequately sanitize user-supplied input.

Attackers can exploit these issues to execute arbitrary commands in the context of the web server process. Successful exploits could compromise the application and possibly the underlying system.

Nagios XI Network Monitor 2011R1.9, Nagios XI Graph Explorer component versions prior to 1.3 are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus