CVE-2013-6875

Nagios XI < 2012r2.4 - SQL Injection via tfPassword Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-6875. PoCs published by Denis Andzakovic.

AI-analyzed exploit summary This exploit demonstrates an SQL injection vulnerability in Nagios XI by injecting a malicious payload into the login form. The payload bypasses authentication by manipulating the SQL query to return a true condition.

Description

SQL injection vulnerability in functions/prepend_adm.php in Nagios Core Config Manager in Nagios XI before 2012R2.4 allows remote attackers to execute arbitrary SQL commands via the tfPassword parameter to nagiosql/index.php.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Denis Andzakovic · textremotephp
https://www.exploit-db.com/exploits/38827

This exploit demonstrates an SQL injection vulnerability in Nagios XI by injecting a malicious payload into the login form. The payload bypasses authentication by manipulating the SQL query to return a true condition.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Nagios XI versions prior to 2012R2.4
No auth needed
Prerequisites: Access to the Nagios XI login page
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

EPSS 0.0324
EPSS Percentile 86.7%

Details

CWE
CWE-89
Status published
Products (15)
nagios/nagios_xi 2012 rc2 (3 CPE variants)
nagios/nagios_xi 2012r1.0
nagios/nagios_xi 2012r1.1
nagios/nagios_xi 2012r1.2
nagios/nagios_xi 2012r1.3
nagios/nagios_xi 2012r1.4
nagios/nagios_xi 2012r1.5
nagios/nagios_xi 2012r1.6
nagios/nagios_xi 2012r1.7
nagios/nagios_xi 2012r1.8
... and 5 more
Published Nov 26, 2013
Tracked Since Feb 18, 2026