HTTP: Nagios XI WatchGuard Wizard Watchguard.inc.php Command Injection

This signature detects attempts to exploit a known vulnerability against Nagios XI WatchGuard Wizard. A successful attack can lead to command injection and arbitrary code execution.

Extended Description

Nagios XI WatchGuard Wizard before version 1.4.8 is vulnerable to remote code execution through Improper neutralisation of special elements used in an OS Command (OS Command injection).

Affected Products

Nagios nagios_xi_watchguard_wizard

Short Name
HTTP:CTS:NAGIOS-WTCHGRD-CMD-INJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2021-37344 CVE-2021-37346 CVE-2025-34227 Command Injection Nagios WatchGuard Watchguard.inc.php Wizard XI
Release Date
08/25/2021
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3856
False Positive
Unknown
Vendors

Nagios

CVSS Score

7.5

Found a potential security threat?