CVE-2021-37344

Critical

Nagios XI Switch Wizard before version 2.5.7 is vulnerable to remote code execution through improper neutralisation of special elements…

mitre·CWE-78·Published 2021-08-13

CVSS

9.8

EPSS

0.97

KEV

Exploits

cve.orgen

181 chars

Nagios XI Switch Wizard before version 2.5.7 is vulnerable to remote code execution through improper neutralisation of special elements used in an OS Command (OS Command injection).

NVDen

181 chars

Nagios XI Switch Wizard before version 2.5.7 is vulnerable to remote code execution through improper neutralisation of special elements used in an OS Command (OS Command injection).

Nagios XI Switch Wizard versiones anteriores a 2.5.7, es vulnerable a una ejecución de código remota mediante una neutralización inapropiada de elementos especiales usados en un Comando del Sistema Operativo (inyección de Comandos del Sistema Operativo).

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H