VYPR
Unrated severityNVD Advisory· Published Oct 30, 2025· Updated Nov 17, 2025

Nagios XI < 2024R1.2 RCE via NRDP Server Plugins

CVE-2024-14003

Description

Nagios XI versions prior to 2024R1.2 are vulnerable to remote code execution (RCE) through its NRDP (Nagios Remote Data Processor) server plugins. Insufficient validation of inbound NRDP request parameters allows crafted input to reach command execution paths, enabling attackers to execute arbitrary commands on the underlying host in the context of the web/Nagios service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Nagios/XIllm-fuzzy
    Range: <2024R1.2
  • Nagios/XIv5
    Range: 0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.