CVE-2020-5792

Summary

Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user.

Affected Software

VendorProductVersion RangeStatus
n/aNagios XI5.7.3affected

Weaknesses

  • Authenticated OS Command Argument Injection

ADP Enrichment

CVE Program Container

Additional References

References