Nagios XI Remote Code Execution Vulnerability via NRDP Server Plugins

Vulnerability

A remote code execution vulnerability exists in Nagios XI versions prior to 2024R1.2. The flaw lies in the NRDP (Nagios Remote Data Processor) server plugins, which fail to properly validate incoming request parameters. As a result, crafted input can bypass the intended security checks and reach command execution paths, allowing an attacker to execute arbitrary commands on the host where Nagios XI is running, in the security context of the web service account.

Impact

Exploitation of this vulnerability allows for authenticated remote code execution on the server where Nagios XI is installed.

Reproduction

To reproduce this vulnerability, send a crafted NRDP request that exploits the insufficient parameter validation in the NRDP server plugins, against a Nagios XI installation running a version prior to the patched release 2024R1.2.

Remediation

Users can upgrade to Nagios XI version 2024R1.2 or later to address this vulnerability.
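As an added example (not part of this advisory or of Nagios' own tooling), the following Python snippet checks an inventory of Nagios XI version strings against the fixed release named above and reports which installations still need the upgrade. The version-string formats it understands (the year-based scheme such as 2024R1 or 2024R1.2, and the older dotted scheme such as 5.11.3) and the sample inventory are my assumptions, not data from the page.

```python
import re
from typing import Dict, List, Optional, Tuple

# Earliest fixed release, as stated in the advisory's Remediation section.
FIXED_VERSION = "2024R1.2"


def parse_xi_version(version: str) -> Optional[Tuple[int, ...]]:
    """Turn a Nagios XI version string into a tuple that compares in release order.

    Assumed formats (my assumption, not from the advisory):
      - year-based: '2024R1', '2024R1.2'  -> (2024, 1, 0), (2024, 1, 2)
      - legacy dotted: '5.11.3'            -> (5, 11, 3)
    A missing patch number in the year-based scheme counts as 0.
    Returns None for anything it cannot parse, so callers can flag it for review.
    """
    s = version.strip()
    m = re.fullmatch(r"(\d{4})R(\d+)(?:\.(\d+))?", s)
    if m:
        year, release, patch = m.groups()
        return (int(year), int(release), int(patch or 0))
    if re.fullmatch(r"\d+(?:\.\d+)*", s):
        return tuple(int(part) for part in s.split("."))
    return None


def is_affected(installed: str) -> Optional[bool]:
    """True if the installed version predates the fixed release, None if unparseable.

    Legacy 5.x versions sort below the year-based scheme because the leading
    component (5) is smaller than the year (2024), so they are reported as affected.
    """
    parsed = parse_xi_version(installed)
    if parsed is None:
        return None
    return parsed < parse_xi_version(FIXED_VERSION)


def hosts_needing_upgrade(inventory: Dict[str, str]) -> List[str]:
    """Return the hosts whose Nagios XI version is affected or could not be parsed."""
    return sorted(
        host for host, version in inventory.items()
        if is_affected(version) is not False
    )


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are illustrative only.
    sample_inventory = {
        "xi-prod-01.example.test": "2024R1.1",
        "xi-prod-02.example.test": "2024R1.2",
        "xi-lab.example.test": "5.11.3",
        "xi-dr.example.test": "2024R2",
        "xi-unknown.example.test": "n/a",
    }
    for host in hosts_needing_upgrade(sample_inventory):
        print(f"{host}: upgrade to {FIXED_VERSION} or later (version {sample_inventory[host]!r})")
```

Unparseable version strings are deliberately reported alongside affected ones, since a host whose version cannot be determined should be treated as unpatched until confirmed otherwise.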

Added: Oct 30, 2025, 10:48 PM
Updated: Oct 30, 2025, 10:48 PM

Vulnerability Rating

Custom Algorithm

spread: 5.0
impact: 10.0
exploitability: 5.6
remediation: 7.7
relevance: 0.9
threat: 1.6
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.