HTTP: Nagios XI cmdsubsys.php Archive Name Command Injection
This signature detects attempts to exploit a known vulnerability against command subsystem script cmdsubsys.php of Nagios XI. A successful attack can lead to command injection and arbitrary code execution.
Extended Description
An issue was discovered in Nagios XI 5.8.5. In the Manage Dashlets section of the Admin panel, an administrator can upload ZIP files. A command injection (within the name of the first file in the archive) allows an attacker to execute system commands.
Affected Products
Nagios nagios_xi
Short Name
HTTP:CTS:NAGIOS-CMDSBSYS-CMDINJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Archive CVE-2021-40345 Command Injection Nagios Name XI cmdsubsys.php
Release Date
10/26/2021
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3671
False Positive
Unknown
Vendors
Nagios
CVSS Score
9.0