Nagios Expoit Video PoC


Nagios Core < 4.2.2 Curl Cmd Injection / Remote Code Execution (CVE-2016-9565)

Nagios Core < 4.2.4 Root Privilege Escalation (CVE-2016-9566)


Discovered by Dawid Golunski



https://legalhackers.com




Description:

The video below demonstrates how an attacker using the CVE-2016-9565 vulnerability in Nagios, could gain access to the Nagios server in the context of www-data/nagios user and escalate their privileges to root by exploiting the Root Privilege Escalation vulnerability CVE-2016-9566.









To receive updates on this as well as new vulnerabilities:








<-- BACK TO legalhackers.com