Vulnerabilities > Nagios > Fusion > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-24 CVE-2020-28905 Code Injection vulnerability in Nagios Fusion
Improper Input Validation in Nagios Fusion 4.1.8 and earlier allows an authenticated attacker to execute remote code via table pagination.
network
low complexity
nagios CWE-94
8.8
8.8
2021-05-24 CVE-2020-28906 Incorrect Default Permissions vulnerability in Nagios Fusion and Nagios XI
Incorrect File Permissions in Nagios XI 5.7.5 and earlier and Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root.
network
low complexity
nagios CWE-276
8.8
8.8
2021-05-24 CVE-2020-28909 Incorrect Permission Assignment for Critical Resource vulnerability in Nagios Fusion
Incorrect File Permissions in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root via modification of scripts.
network
low complexity
nagios CWE-732
8.8
8.8