{"uuid": "4edec5c4-6385-49f4-95b9-1815bef90645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/LYNXBLACKHHATS/8323", "content": "Nagios XI \u2014 RCE\n\nNagios XI 2024R1.01 has a vulnerability in the monitoringwizard.php component, allowing authenticated SQL injection (CVE-2024-24401) that lets attackers create an admin account and remote code execution. \n\nSource:\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n#nagios #sql #rce #privesc #poc #exploit", "creation_timestamp": "2024-09-30T06:28:15.000000Z"}