Advisories

Each great research deserves

some great advisories.

Research is one of Shielder’s pillars. The company invests from 25% to 100% of their employees' work time in training and security research and they pay back with these great advisories.

CVE-2019-9166: a privilege escalation in Nagios XI before 5.5.11 allows local attackers to elevate privileges to root via write access to config.inc.php.

Read more

CVE-2019-9165: a SQL injection vulnerability in Nagios XI before 5.5.11 allows attackers with a valid 'fusekey' API key to execute arbitrary SQL commands via a malicious user id.

Read more

CVE-2019-9167: a cross-site scripting (XSS) vulnerability in Nagios XI before 5.5.11 allows attackers to inject arbitrary web script or HTML via the xiwindow parameter.

Read more