cve/2019/CVE-2019-9202.md

CVE-2019-9202

Description

Nagios IM (component of Nagios XI) before 2.2.7 allows authenticated users to execute arbitrary code via API key issues.

POC

Reference

• http://packetstormsecurity.com/files/152496/Nagios-XI-5.5.10-XSS-Remote-Code-Execution.html
• http://packetstormsecurity.com/files/152496/Nagios-XI-5.5.10-XSS-Remote-Code-Execution.html

Github

• https://github.com/0xT11/CVE-POC
• https://github.com/developer3000S/PoC-in-GitHub
• https://github.com/hectorgie/PoC-in-GitHub
• https://github.com/polict/CVE-2019-9202