CVE-2025-34286
HIGHNagios XI < 2026R1 - Authenticated Remote Code Execution via Core Config Manager Run Check Command
Title source: llmDescription
Nagios XI versions prior to 2026R1 contain a remote code execution vulnerability in the Core Config Manager (CCM) Run Check command. Insufficient validation/escaping of parameters used to build backend command lines allows an authenticated administrator to inject shell metacharacters that are executed on the server. Successful exploitation results in arbitrary command execution with the privileges of the Nagios XI web application user and can be leveraged to gain control of the underlying host operating system.
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
patch
https://www.nagios.com/products/security/#nagios-xi
Release Notes release-notes
patch
https://www.nagios.com/changelog/nagios-xi/
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/nagios-xi-rce-via-run-check-command-in-ccm
Scores
CVSS v3
7.2
EPSS
0.0066
EPSS Percentile
71.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-78
Status
published
Products (2)
nagios/nagios_xi
< 2026
Nagios/XI
< 2026R1
Published
Oct 30, 2025
Tracked Since
Feb 18, 2026