CVE-2024-54957

Medium CVSS: 6.1

Nagios XI 2024R1.2.2 is vulnerable to an open redirect flaw on the Tools page, exploitable by users with read-only permissions. This vulnerability allows an attacker to craft a malicious link that redirects users to an arbitrary external URL without their consent.

Vendor

Nagios

Product

Nagios Xi

CWE

CWE-601

Yayın Tarihi

2025-02-27 20:16:01

Güncelleme

2025-07-07 17:49:10

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-601 Nagios Xi MEDIUM Nagios 2025

Referanslar

https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2024-54957 https://www.nagios.com/products/security/

Benzer Kayıtlar

High

CVE-2026-2041

Nagios Host zabbixagent_configwizard_func Command Injection Remote Code Execution Vulnerability. This vulnerability allo…

High

CVE-2026-2042

Nagios Host monitoringwizard Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote att…

High

CVE-2026-2043

Nagios Host esensors_websensor_configwizard_func Command Injection Remote Code Execution Vulnerability. This vulnerabili…

High

CVE-2025-67254

NagiosXI 2026R1.0.1 build 1762361101 is vulnerable to Directory Traversal in /admin/coreconfigsnapshots.php.

High

CVE-2025-67255

In NagiosXI 2026R1.0.1 build 1762361101, Dashboard parameters lack proper filtering, allowing any authenticated user to…

High

CVE-2025-34288

Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an unsafe interaction between s…