{"uuid": "944b827e-670e-4258-8ed0-1db518e34d1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/4368", "content": "Nagios XI \u2014 RCE\n\nNagios XI 2024R1.01 has a vulnerability in the monitoringwizard.php component, allowing authenticated SQL injection (CVE-2024-24401) that lets attackers create an admin account and remote code execution. \n\nSource:\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n#nagios #sql #rce #privesc #poc #exploit", "creation_timestamp": "2024-09-24T16:13:09.000000Z"}