{"vulnerability": "CVE-2021-25296", "sightings": [{"uuid": "7b8bf9b2-aa6f-4d81-a1b3-243dd7055ed7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25296", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/nagios_xi_configwizards_authenticated_rce.rb", "content": "", "creation_timestamp": "2023-02-07T21:54:12.000000Z"}, {"uuid": "603b1583-6b72-4f59-aadf-d2050013d0b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25296", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a5d98dbc-297a-416b-9a3e-374430d954f8", "content": "", "creation_timestamp": "2026-02-02T12:28:27.137408Z"}, {"uuid": "ae74e634-334e-43b7-83bd-dc833e5774f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25296", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a5d98dbc-297a-416b-9a3e-374430d954f8", "content": "", "creation_timestamp": "2026-02-02T12:28:27.137408Z"}, {"uuid": "3c34be93-c368-430e-be8a-19df4d848316", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25296", "type": "seen", "source": "https://t.me/cibsecurity/23591", "content": "\u203c CVE-2021-25296 \u203c\n\nNagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-15T16:46:41.000000Z"}, {"uuid": "40364540-0240-4daa-ace0-8d370da2e13e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25296", "type": "seen", "source": "MISP/5aa0b3ce-e9c4-4a1d-b95b-4e232c7929fc", "content": "", "creation_timestamp": "2021-04-27T13:43:41.000000Z"}, {"uuid": "505cb930-4e3d-4ff9-93c3-7d74c3d97d6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25296", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "6792a4be-b091-4ef7-acfa-508ffa33bf3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25296", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-25296.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}, {"uuid": "0a5322cc-f768-448e-9349-d0f8a14ea6e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25296", "type": "seen", "source": "https://t.me/arpsyndicate/1312", "content": "#ExploitObserverAlert\n\nCVE-2021-25296\n\nDESCRIPTION: Exploit Observer has 19 entries related to CVE-2021-25296. Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.\n\nFIRST-EPSS: 0.888680000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-04T21:39:41.000000Z"}, {"uuid": "cb1a1dce-10de-42d0-8aec-eaaa36070785", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25296", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971222", "content": "", "creation_timestamp": "2024-12-24T20:26:06.281470Z"}, {"uuid": "0937e649-0c54-4437-94d4-2d3fd0950f14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25296", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "721d8310-cbdb-4e87-8814-cf491d6bf053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25296", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:35.000000Z"}, {"uuid": "e8f51bca-f1ef-4377-8607-6846c26c8113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25296", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:29.000000Z"}]}