Nagios Monitoring Tool Vulnerabilities Let Attackers Perform SQL Injection

Nagios XI is a prominent and frequently used commercial monitoring system for IT infrastructure and network monitoring.  Vulnerability Research Engineer Astrid Tedenbrant found four distinct vulnerabilities in Nagios XI (version 5.11.1 and below) while conducting routine research. By making use of three of these flaws classified as (CVE-2023-40931, CVE-2023-40933, and CVE-2023-40934), users with various levels of access … Continue reading Nagios Monitoring Tool Vulnerabilities Let Attackers Perform SQL Injection