CVE-2024-14008

Nagios XI versions prior to 2024R1.3.2 contain a remote command execution vulnerability in the WinRM Configuration Wizard. Insufficient validation of user-supplied input allows an authenticated administrator to inject shell metacharacters that are incorporated into backend command invocations. Successful exploitation enables arbitrary command execution with the privileges of the Nagios XI web application user.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.nagios.com/changelog/nagios-xi/	Release Notes
https://www.nagios.com/products/security/#nagios-xi	Vendor Advisory
https://www.vulncheck.com/advisories/nagios-xi-rce-via-winrm-configuration-wizard	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:nagios:nagios_xi::::::::
	cpe:2.3:a:nagios:nagios_xi:2024:r1::::::
	cpe:2.3:a:nagios:nagios_xi:2024:r1.0.1::::::
	cpe:2.3:a:nagios:nagios_xi:2024:r1.0.2::::::
	cpe:2.3:a:nagios:nagios_xi:2024:r1.1::::::
	cpe:2.3:a:nagios:nagios_xi:2024:r1.1.1::::::
	cpe:2.3:a:nagios:nagios_xi:2024:r1.1.2::::::
	cpe:2.3:a:nagios:nagios_xi:2024:r1.1.3::::::
	cpe:2.3:a:nagios:nagios_xi:2024:r1.1.4::::::
	cpe:2.3:a:nagios:nagios_xi:2024:r1.1.5::::::
	cpe:2.3:a:nagios:nagios_xi:2024:r1.2::::::
	cpe:2.3:a:nagios:nagios_xi:2024:r1.2.1::::::
	cpe:2.3:a:nagios:nagios_xi:2024:r1.2.2::::::
	cpe:2.3:a:nagios:nagios_xi:2024:r1.3::::::
	cpe:2.3:a:nagios:nagios_xi:2024:r1.3.1::::::

History

06 Nov 2025, 18:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-10-30 22:15

Updated : 2025-11-06 18:17

NVD link : CVE-2024-14008

Mitre link : CVE-2024-14008

CVE.ORG link : CVE-2024-14008

JSON object : View

Products Affected

nagios

nagios_xi

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2024-14008", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}], "cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.4, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-10-30T22:15:46.297", "references": [{"url": "https://www.nagios.com/changelog/nagios-xi/", "tags": ["Release Notes"], "source": "[email protected]"}, {"url": "https://www.nagios.com/products/security/#nagios-xi", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/nagios-xi-rce-via-winrm-configuration-wizard", "tags": ["Third Party Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "Nagios XI versions prior to 2024R1.3.2\u00a0contain a remote command execution vulnerability in the WinRM Configuration Wizard. Insufficient validation of user-supplied input allows an authenticated administrator to inject shell metacharacters that are incorporated into backend command invocations. Successful exploitation enables arbitrary command execution with the privileges of the Nagios XI web application user."}], "lastModified": "2025-11-06T18:17:48.463", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62CF7BF4-6AAA-443E-93B4-B2F080091C13", "versionEndExcluding": "2024"}, {"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85F1764D-1DD8-44B0-BF5A-2420CB519A3C"}, {"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.0.1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1FE1A0B-78D1-4626-A4CD-21B843DA596E"}, {"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.0.2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCAB888E-F030-4640-9A18-9E423E553308"}, {"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C648B0A4-053C-4884-8A37-4AF03053ED1C"}, {"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.1.1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "893EEA99-0096-4C9F-BA8A-246A3E3F6C15"}, {"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.1.2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1FDA3F3-DF79-4807-9451-F04B2DB9A2B6"}, {"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.1.3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E055065-35A7-458A-A2DB-26634B97EE7C"}, {"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.1.4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76946B2D-093C-4981-8465-5ADBB98C0676"}, {"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.1.5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9112876-7C61-4A72-8F91-023378E82E6D"}, {"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1443759F-EBD7-4366-A5D3-9FB15CE15B40"}, {"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.2.1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F85D8CA4-F1AC-4538-925C-1AD00FF7B9C1"}, {"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.2.2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FFC081E-728A-4643-A8DF-5CC8E94E7D78"}, {"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3D8A858-2F40-4568-BCA0-59CF6033A7FE"}, {"criteria": "cpe:2.3:a:nagios:nagios_xi:2024:r1.3.1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D1C8647-F0EB-443F-B18B-338335CE54B7"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}