👩‍💻 Nagios XI — RCE

Nagios XI 2024R1.01 has a vulnerability in the monitoringwizard.php component, allowing authenticated SQL injection (CVE-2024-24401) that lets attackers create an admin account and remote code execution.

🔗 Source:
https://github.com/MAWK0235/CVE-2024-24401

#nagios #sql #rce #privesc #poc #exploit