Vulnerability description:
Multiple vulnerabilities were recently disclosed in Nagios XI, including unauthenticated SQL injection, authentication bypass, arbitrary code execution, privilege escalation, server-side request forgery, and account hijacking. Chained together, these vulnerabilities allow remote code execution with root privileges.
Affected version:
Nagios XI <= 5.2.7
Vulnerability level:
High risk
Remediation suggestions:
1. Upgrade to the latest version.
2. Add the website to cloud observation so that newly disclosed and 0-day vulnerabilities in website components are learned of in time. (Source: Guo Shenghua WeChat public account)