{"uuid": "6bcb52c7-06a0-4245-859f-5b6a73dd208b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1535", "content": "\ud83d\udc69\u200d\ud83d\udcbb Nagios XI \u2014 RCE\n\nNagios XI 2024R1.01 has a vulnerability in the monitoringwizard.php component, allowing authenticated SQL injection (CVE-2024-24401) that lets attackers create an admin account and remote code execution. \n\n\ud83d\udd17 Source:\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n#nagios #sql #rce #privesc #poc #exploit", "creation_timestamp": "2024-09-05T13:09:54.000000Z"}