Vulnerabilities > Nagios > Nagios XI
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-30 | CVE-2018-10553 | Path Traversal vulnerability in Nagios XI 5.4.13 An issue was discovered in Nagios XI 5.4.13. | 6.5 |
| 2018-04-18 | CVE-2018-8736 | Unspecified vulnerability in Nagios XI A privilege escalation vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to leverage an RCE vulnerability escalating to root. | 8.8 |
| 2018-04-18 | CVE-2018-8735 | OS Command Injection vulnerability in Nagios XI Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection. | 8.8 |
| 2018-04-18 | CVE-2018-8734 | SQL Injection vulnerability in Nagios XI SQL injection vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary SQL commands via the selInfoKey1 parameter. | 9.8 |
| 2018-04-18 | CVE-2018-8733 | SQL Injection vulnerability in Nagios XI Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability. | 9.8 |