Vulnerability Details : CVE-2020-35578
Public exploit exists!
An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands.
Exploit prediction scoring system (EPSS) score for CVE-2020-35578
EPSS score: 94.25% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~99% (the proportion of vulnerabilities scored at or below this one)
Metasploit modules for CVE-2020-35578
- Nagios XI Scanner (auxiliary/scanner/http/nagios_xi_scanner), first seen 2021-03-26: detects the version of Nagios XI applications and suggests matching exploit modules based on the version number. Since Nagios XI applications only reveal the version to authenticated users, valid credentials for a Nagios XI account are required. Al…
- Nagios XI Prior to 5.8.0 - Plugins Filename Authenticated Remote Code Execution (exploit/linux/http/nagios_xi_plugins_filename_authenticated_rce), disclosure date 2020-12-19, first seen 2021-04-14: exploits a command injection vulnerability (CVE-2020-35578) in the `/admin/monitoringplugins.php` page of Nagios XI versions prior to 5.8.0 when uploading plugins. Successful exploitation allows an authenticated admin user to achieve remote code execution a…
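The description and the module name above give the shape of the bug: the plugin upload offers a line-ending conversion step, and the uploaded file's name reaches an operating-system command without being neutralized (CWE-78). The following Python block is an added illustration of that bug class written for this page; it is not Nagios XI code (the real application is PHP and its exact code is not reproduced here), and the `dos2unix` converter, the `plugins` directory and the file name `check_foo.sh; id` are assumptions chosen for the demonstration. It shows the vulnerable command construction, the narrow quoting fix (PHP's `escapeshellarg()` equivalent), and the preferred fix that needs no shell at all.

```python
"""Added illustration of the CVE-2020-35578 bug class (not Nagios XI's own code)."""
import os
import re
import shlex
import tempfile


def build_convert_command_vulnerable(upload_name: str, plugin_dir: str) -> str:
    # Vulnerable shape: the browser-supplied file name is concatenated straight
    # into a shell command line. A name such as "check_foo.sh; id" turns one
    # command into two. (dos2unix is an assumed converter for this example.)
    return "dos2unix " + os.path.join(plugin_dir, upload_name)


def build_convert_command_quoted(upload_name: str, plugin_dir: str) -> str:
    # Narrow fix: quote the argument so the shell sees a single word
    # (shlex.quote here, escapeshellarg() in PHP). A shell is still spawned,
    # so this only closes the metacharacter hole, not the design problem.
    return "dos2unix " + shlex.quote(os.path.join(plugin_dir, upload_name))


# Allowlist for plugin file names: letters, digits, dot, underscore, dash.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,127}")


def convert_plugin_safely(upload_name: str, data: bytes, plugin_dir: str) -> str:
    # Preferred fix: no shell at all. Reject anything with a path component or
    # a character outside the allowlist, then rewrite CRLF to LF in-process.
    if os.path.basename(upload_name) != upload_name or not SAFE_NAME.fullmatch(upload_name):
        raise ValueError("rejected plugin name: %r" % upload_name)
    dest = os.path.join(plugin_dir, upload_name)
    with open(dest, "wb") as fh:
        fh.write(data.replace(b"\r\n", b"\n"))
    return dest


def demo() -> dict:
    # Runs the three shapes against a constructed hostile name and a benign one
    # in a throwaway directory; returns what each produced.
    evil = "check_foo.sh; id"   # constructed: shell metacharacters in the name
    good = "check_foo.sh"
    plugin_dir = tempfile.mkdtemp(prefix="plugins-")
    out = {
        "vulnerable": build_convert_command_vulnerable(evil, plugin_dir),
        "quoted": build_convert_command_quoted(evil, plugin_dir),
    }
    out["safe_path"] = convert_plugin_safely(good, b"#!/bin/sh\r\necho ok\r\n", plugin_dir)
    with open(out["safe_path"], "rb") as fh:
        out["safe_bytes"] = fh.read()
    try:
        convert_plugin_safely(evil, b"", plugin_dir)
        out["evil_rejected"] = False
    except ValueError:
        out["evil_rejected"] = True
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

The vulnerable string is exactly what a shell would split into `dos2unix …/check_foo.sh` followed by `id`; the quoted form keeps the whole path as one argument; the in-process version never consults a shell and rejects the hostile name outright, which is why the admin-only precondition in the advisory should not be read as making the bug harmless.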
CVSS scores for CVE-2020-35578
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.0 | HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C | 8.0 | 10.0 | NIST | |
7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 | NIST | |
CWE ids for CVE-2020-35578
- CWE-78 (OS Command Injection): The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-35578
- https://www.nagios.com/products/security/ : Security Disclosures - Nagios (Vendor Advisory)
- https://www.nagios.com/downloads/nagios-xi/change-log/ : Nagios XI Change Log - Nagios (Release Notes; Vendor Advisory)
- http://packetstormsecurity.com/files/160948/Nagios-XI-5.7.x-Remote-Code-Execution.html : Nagios XI 5.7.x Remote Code Execution - Packet Storm (Exploit; Third Party Advisory; VDB Entry)
- http://packetstormsecurity.com/files/162207/Nagios-XI-Remote-Code-Execution.html : Nagios XI Remote Code Execution - Packet Storm (Exploit; Third Party Advisory; VDB Entry)
Products affected by CVE-2020-35578
- cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:* (versions before 5.8.0, per the description above)