nagios
301 tracked vulnerabilities.
CVE-2020-36866
MEDIUM
Nagios XI < 5.7.3 - Stored Cross-Site Scripting via Manage Users Page
Oct 30, 2025
CVSS 5.4
EPSS 0.00
CVE-2020-36865
MEDIUM
Nagios XI < 5.7.2 - Cross-Site Scripting via BPI Config Management
Oct 30, 2025
CVSS 5.4
EPSS 0.00
CVE-2020-36864
MEDIUM
Nagios XI < 5.7.2 - Stored Cross-Site Scripting via Dashboard Background Color Setting
Oct 30, 2025
CVSS 5.4
EPSS 0.00
CVE-2020-36863
HIGH
Nagios XI < 5.7.2 - Authenticated Remote Code Execution via Audio Import Directory File Upload
Oct 30, 2025
CVSS 8.8
EPSS 0.01
CVE-2020-36862
MEDIUM
Nagios XI < 5.6.11 - Unauthenticated Cross-Site Scripting and Server-Side Request Forgery via Highcharts Export Tool
Oct 30, 2025
CVSS 6.1
EPSS 0.00
CVE-2020-36861
MEDIUM
Nagios XI < 5.7.5 - Stored Cross-Site Scripting in Core Config Manager Overlay and Notification Pages
Oct 30, 2025
CVSS 5.4
EPSS 0.00
CVE-2020-36860
MEDIUM
Nagios XI < 5.7.4 - Cross-Site Scripting in Core Config Manager Object Edit Pages
Oct 30, 2025
CVSS 5.4
EPSS 0.00
CVE-2020-36859
HIGH
Nagios XI <5.7.4 - Authenticated SQL Injection
Oct 30, 2025
CVSS 8.8
EPSS 0.01
CVE-2020-36858
MEDIUM
Nagios Log Server < 2.1.6 - Cross-Site Scripting via Create User, Edit User, and Manage Host Lists Pages
Oct 30, 2025
CVSS 5.4
EPSS 0.00
CVE-2020-36857
HIGH
Nagios XI < 5.6.14 - Authenticated SQL Injection via SNMP Trap Interface Page
Oct 30, 2025
CVSS 7.2
EPSS 0.00
CVE-2020-36856
HIGH
Nagios XI <5.6.14 - Command Injection
Oct 30, 2025
CVSS 8.8
EPSS 0.00
CVE-2020-23992
MEDIUM
Nagios XI 5.7.1 - Cross-Site Scripting via returnUrl Parameter
Aug 22, 2023
CVSS 6.1
EPSS 0.02
CVE-2020-28911
MEDIUM
Nagios Fusion <4.1.8 - Info Disclosure
May 24, 2021
CVSS 6.5
EPSS 0.21
CVE-2020-28910
CRITICAL
Nagios XI < 5.7.5 - Privilege Escalation via Symlink Attack in getprofile.sh
May 24, 2021
CVSS 9.8
EPSS 0.01
CVE-2020-28909
HIGH
Nagios Fusion < 4.1.8 - Privilege Escalation via Incorrect File Permissions
May 24, 2021
CVSS 8.8
EPSS 0.01
CVE-2020-28908
CRITICAL
Nagios Fusion < 4.1.8 - Command Injection
May 24, 2021
CVSS 9.8
EPSS 0.33
CVE-2020-28907
CRITICAL
Nagios Fusion < 4.1.8 - Improper Certificate Validation in Update Package Download
May 24, 2021
CVSS 9.8
EPSS 0.01
CVE-2020-28906
HIGH
Nagios XI < 5.7.5 and Nagios Fusion < 4.1.8 - Privilege Escalation via Insecure File Permissions
May 24, 2021
CVSS 8.8
EPSS 0.01
CVE-2020-28905
HIGH
Nagios Fusion <= 4.1.8 - Authenticated Remote Code Execution via Table Pagination
May 24, 2021
CVSS 8.8
EPSS 0.59
CVE-2020-28904
CRITICAL
Nagios Fusion < 4.1.8 - Privilege Escalation via Malicious Component Installation
May 24, 2021
CVSS 9.8
EPSS 0.01
CVE-2020-28903
MEDIUM
Nagios Fusion < 4.1.8 - Cross-Site Scripting via Fused Server Input
May 24, 2021
CVSS 6.1
EPSS 0.26
CVE-2020-28902
CRITICAL
Nagios Fusion <= 4.1.8 - Command Injection in cmd_subsys.php
May 24, 2021
CVSS 9.8
EPSS 0.10
CVE-2020-28901
CRITICAL
Nagios Fusion < 4.1.8 - Command Injection via cmd_subsys.php
May 24, 2021
CVSS 9.8
EPSS 0.06
CVE-2020-28900
CRITICAL
Nagios Fusion < 4.1.8 and Nagios XI < 5.7.5 - Privilege Escalation and Code Execution via Untrusted Update Package
May 24, 2021
CVSS 9.8
EPSS 0.01
CVE-2020-24899
HIGH
Nagios XI 5.7.2 - Authenticated Remote Code Execution via Webapp Query Injection
Feb 15, 2021
CVSS 8.8
EPSS 0.04
Products
nagios_xi 192
nagios 37
log_server 23
fusion 19
network_analyzer 7
nagios_core 5
XI 3
incident_manager 3
plugins 3
remote_plug_in_executor 3
Log Server 2
Nagios XI 2
favorites 2
nagios_cross_platform_agent 2
business_process_intelligence 1
nagios_network_analyzer 1
nagios_xi_docker_wizard 1
nagios_xi_switch_wizard 1
nagios_xi_watchguard_wizard 1
ndoutils 1
remote_plugin_executor 1
Quick Filters