{"uuid": "fc355447-b3b0-471c-b6c7-a1b79788815c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-24401", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/4771", "content": "Nagios XI \u2014 RCE\n\nNagios XI 2024R1.01 has a vulnerability in the monitoringwizard.php component, allowing authenticated SQL injection (CVE-2024-24401) that lets attackers create an admin account and remote code execution. \n\nSource:\nhttps://github.com/MAWK0235/CVE-2024-24401\n\n#nagios #sql #rce #privesc #poc #exploit", "creation_timestamp": "2024-09-30T18:53:58.000000Z"}