CVE-2018-8735

HIGH

Nagios XI 5.2.0-5.4.12 - Remote Code Execution via OS Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2018-8735. PoCs published by Metasploit, Jared Arave, Cale Smith, Benny Husted, Jared Arave, including Metasploit module exploits/linux/http/nagios_xi_chained_rce_2_electric_boogaloo.

AI-analyzed exploit summary This Metasploit module exploits multiple vulnerabilities in Nagios XI (CVE-2018-8733, CVE-2018-8734, CVE-2018-8735, CVE-2018-8736) to achieve remote root access via SQL injection, API key enumeration, and command injection.

Description

Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotelinux
https://www.exploit-db.com/exploits/44969

This Metasploit module exploits multiple vulnerabilities in Nagios XI (CVE-2018-8733, CVE-2018-8734, CVE-2018-8735, CVE-2018-8736) to achieve remote root access via SQL injection, API key enumeration, and command injection.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Nagios XI 5.2.6-5.4.12
No auth needed
Prerequisites: Network access to Nagios XI web interface · Vulnerable version of Nagios XI
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Jared Arave · pythonwebappsphp
https://www.exploit-db.com/exploits/44560

This exploit chains multiple vulnerabilities (CVE-2018-8733, CVE-2018-8734, CVE-2018-8735, CVE-2018-8736) in Nagios XI to achieve remote root access. It starts by changing the database user to root, extracts API keys via SQL injection, adds an administrative user, and executes a reverse shell or custom command.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Nagios XI versions 5.2.[6-9], 5.3, 5.4
No auth needed
Prerequisites: Network access to the target Nagios XI instance · Nagios XI version 5.2.[6-9], 5.3, or 5.4
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC MANUAL
by Cale Smith, Benny Husted, Jared Arave · rubypoclinux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/nagios_xi_chained_rce_2_electric_boogaloo.rb

This Metasploit module exploits a chain of vulnerabilities in Nagios XI (CVE-2018-8735) to achieve remote root access. It combines SQL injection, API key enumeration, and command injection to add an admin user and execute arbitrary commands.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Nagios XI 5.2.6-5.4.12
No auth needed
Prerequisites: Network access to Nagios XI web interface · Nagios XI version within vulnerable range
devstral-2 · analyzed Apr 23, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by Francesco Oddo, wvu · rubypocunix
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/nagios_xi_chained_rce.rb

This Metasploit module exploits a chain of vulnerabilities (SQLi, auth bypass, file upload, command injection, and privilege escalation) in Nagios XI <= 5.2.7 to achieve remote code execution as root. It automates the entire exploit chain, from stealing an API token to uploading a malicious payload and executing it.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Nagios XI <= 5.2.7
No auth needed
Prerequisites: Network access to the Nagios XI web interface · A valid user ID in the database (default: 1)
devstral-2 · analyzed Apr 23, 2026 Full analysis →

References (6)

Core 6
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44560/
Release Notes, Vendor Advisory x_refsource_misc
https://www.nagios.com/downloads/nagios-xi/change-log/
Exploit, Technical Description, Third Party Advisory x_refsource_misc
https://blog.redactedsec.net/exploits/2018/04/26/nagios.html
Release Notes, Vendor Advisory x_refsource_misc
https://assets.nagios.com/downloads/nagiosxi/CHANGES-5.TXT
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44969/

Scores

CVSS v3 8.8
EPSS 0.7246
EPSS Percentile 98.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-78
Status published
Products (1)
nagios/nagios_xi 5.2.0 - 5.4.13
Published Apr 18, 2018
Tracked Since Feb 18, 2026