Primary

Context

Nagios XI Highcharts Export Directory Permission Vulnerability

Vulnerability

A vulnerability exists in Nagios XI versions prior to 5.8.7, where a temporary directory used for Highcharts exports had overly permissive ownership and permissions under the Apache user. This flaw allowed local or co-hosted processes to read or overwrite export artifacts, manipulate paths, and potentially execute code, depending on the deployment.

Impact

According to Nagios, this vulnerability could lead to unauthorized disclosure or tampering of data, with a risk of code execution under certain conditions.

Remediation

Users can upgrade to Nagios XI version 5.8.7 or later to address this vulnerability.

Added: Oct 30, 2025, 11:25 PM

Updated: Oct 30, 2025, 11:25 PM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

8.1

exploitability

3.8

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

8.1

exploitability

3.8

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Nagios XI Highcharts Export Directory Permission Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Nagios XI

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating