CVE-2023-48084

CRITICAL EXPLOITED NUCLEI

Nagios XI < 5.11.3 - SQL Injection

Title source: rule

Description

Nagios XI before version 5.11.3 was discovered to contain a SQL injection vulnerability via the bulk modification tool.

Exploits (2)

nomisec WORKING POC 1 stars
by Hamibubu · remote-auth
https://github.com/Hamibubu/CVE-2023-48084
nomisec WORKING POC
by bucketcat · remote
https://github.com/bucketcat/CVE-2023-48084

Nuclei Templates (1)

Nagios XI < 5.11.3 - SQL Injection
CRITICALVERIFIEDby ritikchaddha
Shodan: http.title:"nagios xi"
FOFA: title="Nagios XI" || title="nagios xi" || app="nagios-xi"

References (1)

Scores

CVSS v3 9.8
EPSS 0.8209
EPSS Percentile 99.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2025-06-07
CWE
CWE-89
Status published
Products (1)
nagios/nagios_xi < 5.11.3
Published Dec 14, 2023
Tracked Since Feb 18, 2026