VYPR
Unrated severityNVD Advisory· Published Oct 26, 2021· Updated Aug 4, 2024

CVE-2021-40344

CVE-2021-40344

Description

An issue was discovered in Nagios XI 5.8.5. In the Custom Includes section of the Admin panel, an administrator can upload files with arbitrary extensions as long as the MIME type corresponds to an image. Therefore it is possible to upload a crafted PHP script to achieve remote command execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Nagios XI/Nagios XIdescription
  • Nagios/Nagiosllm-fuzzy
    Range: <= 5.8.5

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.