CVE-2020-28648

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
16/11/2020
Last modified:
18/10/2022

Description

Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:* 5.7.5 (excluding)