Nagios XI Command Injection Vulnerability in PDF Export Functionality

Vulnerability

A command injection vulnerability has been identified in Nagios XI versions prior to 5.7.3. It resides in the report PDF download and export feature. The issue arises because user-supplied values used in the PDF generation process are not properly validated or escaped before use. As a result, an authenticated attacker who can initiate PDF exports can inject shell metacharacters or additional arguments, potentially leading to command execution on the server.

Impact

Successful exploitation allows an authenticated attacker to execute arbitrary commands on the server with the privileges of the web server user.

Reproduction

To reproduce this vulnerability, an authenticated user exports a report as a PDF. During the export, the application fails to sanitize the user-controlled values that are passed into the PDF generation command, so shell metacharacters or extra arguments placed in those fields are interpreted when the command runs.

Remediation

Upgrade to Nagios XI version 5.7.3 or later, where this vulnerability has been fixed.
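The defect class described above, shown as an added illustration in PHP (the language Nagios XI is written in); this is not Nagios XI's own code, and the converter path, parameter names and request values are assumed for the example. The unsafe builder interpolates request values straight into a shell line, while the hardened builder allowlists each value and quotes it with escapeshellarg():

```php
<?php
// Added example, not Nagios XI code. Hypothetical converter binary and
// parameter names; the real export code and paths differ.
declare(strict_types=1);

const PDF_TOOL = '/usr/local/bin/html2pdf';   // hypothetical converter

// Vulnerable pattern: request values concatenated into one shell string.
// Any shell metacharacter in $reportName or $url is parsed by the shell.
function build_pdf_command_unsafe(string $url, string $reportName): string
{
    return PDF_TOOL . " $url /tmp/$reportName.pdf";
}

// Hardened pattern: allowlist the values, then quote every argument so the
// shell sees each one as a single literal word. Better still, hand an
// argument array to proc_open() (PHP >= 7.4) so no shell is involved at all.
function build_pdf_command_safe(string $url, string $reportName): string
{
    if (preg_match('/^[A-Za-z0-9_.-]{1,64}$/', $reportName) !== 1) {
        throw new InvalidArgumentException('invalid report name');
    }
    $parts = parse_url($url);
    if ($parts === false || ($parts['scheme'] ?? '') !== 'https'
        || ($parts['host'] ?? '') !== 'localhost') {
        throw new InvalidArgumentException('report URL must be local HTTPS');
    }
    $argv = [PDF_TOOL, $url, "/tmp/$reportName.pdf"];
    return implode(' ', array_map('escapeshellarg', $argv));
}

// Constructed inputs for the demonstration.
$url     = 'https://localhost/nagiosxi/reports/availability.php?type=hostgroup';
$okName  = 'availability-2025-10';
$badName = 'availability; extra';   // contains a shell metacharacter

echo build_pdf_command_unsafe($url, $badName), PHP_EOL;  // ';' reaches the shell
echo build_pdf_command_safe($url, $okName), PHP_EOL;     // every word quoted
try {
    build_pdf_command_safe($url, $badName);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

The first line of output shows the unquoted metacharacter surviving into the command string; the hardened builder either quotes the value or rejects it before any command is assembled.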

Added: Oct 30, 2025, 11:40 PM
Updated: Oct 30, 2025, 11:40 PM

Vulnerability Rating

Custom Algorithm

spread          5.0
impact         10.0
exploitability  5.6
remediation     0.0
relevance       0.9
threat          1.6
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.