CVE-2021-37348

High

Nagios XI before version 5.8.5 is vulnerable to local file inclusion through improper limitation of a pathname in index.php.

mitre·CWE-552·Published 2021-08-13

CVSS

7.5

EPSS

0.03

KEV

Exploits

cve.orgen

124 chars

Nagios XI before version 5.8.5 is vulnerable to local file inclusion through improper limitation of a pathname in index.php.

NVDen

124 chars

Nagios XI before version 5.8.5 is vulnerable to local file inclusion through improper limitation of a pathname in index.php.

Nagios XI versiones anteriores a 5.8.5, es vulnerable a una inclusión de archivos locales mediante la limitación inapropiada de un nombre de ruta en el archivo index.php.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N