VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Jul 9, 2013· Updated Apr 29, 2026

CVE-2013-1362

CVE-2013-1362

Description

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.

Affected products

32
  • Nagios/Remote Plugin Executor29 versions
    cpe:2.3:a:nagios:remote_plug_in_executor:*:*:*:*:*:*:*:*+ 28 more
    • cpe:2.3:a:nagios:remote_plug_in_executor:*:*:*:*:*:*:*:*range: <=2.13
    • cpe:2.3:a:nagios:remote_plug_in_executor:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.0b1:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.0b2:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.0b3:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.0b4:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.0b5:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.8b1:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.10:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.11:*:*:*:*:*:*:*
    • cpe:2.3:a:nagios:remote_plug_in_executor:2.12:*:*:*:*:*:*:*
  • OpenSUSE/openSUSE3 versions
    cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.