CVE-2018-8736

Exploitation Summary

EIP tracks 4 public exploits for CVE-2018-8736. PoCs published by Metasploit, Jared Arave, Cale Smith, Benny Husted, Jared Arave, including Metasploit module exploits/linux/http/nagios_xi_chained_rce_2_electric_boogaloo.

AI-analyzed exploit summary This Metasploit module exploits multiple vulnerabilities in Nagios XI (CVE-2018-8733, CVE-2018-8734, CVE-2018-8735, CVE-2018-8736) to achieve remote root access via SQL injection, API key enumeration, and command injection.

Description

A privilege escalation vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to leverage an RCE vulnerability escalating to root.

Exploits (4)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotelinux

https://www.exploit-db.com/exploits/44969

View Code ZIP pw:eip

This Metasploit module exploits multiple vulnerabilities in Nagios XI (CVE-2018-8733, CVE-2018-8734, CVE-2018-8735, CVE-2018-8736) to achieve remote root access via SQL injection, API key enumeration, and command injection.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Nagios XI 5.2.6-5.4.12

No auth needed

Prerequisites: Network access to Nagios XI web interface · Vulnerable version of Nagios XI

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Jared Arave · pythonwebappsphp

https://www.exploit-db.com/exploits/44560

View Code ZIP pw:eip

This exploit chains multiple vulnerabilities (CVE-2018-8733, CVE-2018-8734, CVE-2018-8735, CVE-2018-8736) in Nagios XI to achieve remote root access. It starts by changing the database user to root, extracts API keys via SQL injection, adds an administrative user, and executes a reverse shell or custom command.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Nagios XI versions 5.2.[6-9], 5.3, 5.4

No auth needed

Prerequisites: Network access to the target Nagios XI instance · Nagios XI version 5.2.[6-9], 5.3, or 5.4

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC MANUAL

by Cale Smith, Benny Husted, Jared Arave · rubypoclinux

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/nagios_xi_chained_rce_2_electric_boogaloo.rb

View Code ZIP pw:eip

This Metasploit module exploits a chain of vulnerabilities in Nagios XI (CVE-2018-8733, CVE-2018-8734, CVE-2018-8735, CVE-2018-8736) to achieve remote root access. It involves SQL injection, API key enumeration, administrative user addition, and command injection via sudo misconfiguration.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Nagios XI 5.2.6-5.4.12

No auth needed

Prerequisites: Network access to Nagios XI web interface · Default or known credentials not required

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Apr 23, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by Francesco Oddo, wvu · rubypocunix

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/nagios_xi_chained_rce.rb

View Code ZIP pw:eip

This Metasploit module exploits a chain of vulnerabilities (SQLi, auth bypass, file upload, command injection, and privilege escalation) in Nagios XI <= 5.2.7 to achieve remote code execution as root. It demonstrates a full exploit chain with clear technical implementation.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Nagios XI <= 5.2.7

No auth needed

Prerequisites: Network access to the target · Nagios XI version <= 5.2.7

MITRE ATT&CK