CVE-2018-15710

This Metasploit module exploits CVE-2018-15708 (unauthenticated RCE) and CVE-2018-15710 (local privilege escalation) in Nagios XI 5.5.6 to achieve a root reverse shell. It uploads a webshell and meterpreter payload, then escalates privileges via autodiscovery or NSE script execution.

This exploit leverages CVE-2018-15710 (and CVE-2018-15708) to achieve remote code execution and privilege escalation on Nagios XI versions 2012r1.0 to 5.5.6. It uses a self-signed certificate to serve a malicious PHP file via an HTTP server, then exploits MagpieRSS to write the file to the target system, leading to arbitrary command execution and root access via sudo misconfigurations.

This Metasploit module exploits CVE-2018-15708 (unauthenticated RCE) and CVE-2018-15710 (local privilege escalation) in Nagios XI <= 5.5.6. It uploads a PHP webshell and Meterpreter payload via the vulnerable magpie_debug.php endpoint, then escalates privileges to root using sudo misconfigurations.