Vulnerability Report

CVE Discovered by: Jarod Jaslow (MAWK)

(DESIGNED TO BE RUN ON KALI LINUX)

Vulnerability Details:

  • Endpoint: /nagiosxi//config/monitoringwizard.php Nagios XI Version 2024R1.01
  • Vulnerability Type: Authenticated SQL Injection
  • Exploitation Result: Admin account creation and full remote code execution

Steps to Reproduce:

  1. Create a fresh instance of Nagios XI Version 2024R1.01.

  2. Create a user with minimum permissions.

  3. Start a local listener on the attacker machine using netcat: nc -nlvp 4444.

  4. Execute the provided Python script with the correct arguments:

    python3 MawkiNagiosXIPOC.py <target IP> <Local Listening IP> <NC listening port>

Proof of Concept:

The Python script demonstrating the vulnerability is included in this repository.

Recommendation:

To mitigate the risk of SQL injection, it is strongly advised to use parameterized queries or prepared statements when interacting with databases. Parameterized queries ensure that user input is treated as data, not executable code, making it much more difficult for attackers to inject malicious SQL statements.
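The following is an added example, not code from this repository or from Nagios XI, contrasting the vulnerable string-concatenation pattern with the parameterized form recommended above. The wizards table and the lookup functions are hypothetical stand-ins, since the report does not show the affected query.

```python
import sqlite3

def build_db() -> sqlite3.Connection:
    # Constructed in-memory table standing in for the application's real
    # schema (hypothetical names); one row belongs to a low-privilege user.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE wizards (name TEXT, owner TEXT)")
    conn.executemany("INSERT INTO wizards VALUES (?, ?)",
                     [("website", "readonly"),
                      ("linux-server", "admin"),
                      ("switch", "admin")])
    return conn

def lookup_unsafe(conn: sqlite3.Connection, owner: str, name: str) -> list:
    # Vulnerable pattern: the user-controlled value is spliced into the SQL
    # text, so quote characters in the input change the query's structure.
    sql = (f"SELECT name FROM wizards WHERE owner = '{owner}' "
           f"AND name = '{name}'")
    return sorted(row[0] for row in conn.execute(sql))

def lookup_safe(conn: sqlite3.Connection, owner: str, name: str) -> list:
    # Hardened pattern: placeholders bind the input as data only; the
    # query structure is fixed before any user value is seen.
    sql = "SELECT name FROM wizards WHERE owner = ? AND name = ?"
    return sorted(row[0] for row in conn.execute(sql, (owner, name)))

def demo() -> tuple:
    # A benign lookup behaves the same either way; an input carrying a
    # quote shows the difference between the two patterns.
    conn = build_db()
    benign = "website"
    hostile = "x' OR '1'='1"
    return (lookup_unsafe(conn, "readonly", benign),
            lookup_safe(conn, "readonly", benign),
            lookup_unsafe(conn, "readonly", hostile),
            lookup_safe(conn, "readonly", hostile))

if __name__ == "__main__":
    for label, result in zip(("unsafe/benign", "safe/benign",
                              "unsafe/hostile", "safe/hostile"), demo()):
        print(f"{label}: {result}")
```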

This should be mitigated in recent updates.

CVE:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-24401

About

Auto exploitation tool for CVE-2024-24401.
