Exploitation Summary
EIP tracks 2 public exploits for CVE-2025-44823. PoCs published by Seth Kraft, skraft9.
AI-analyzed exploit summary: This exploit demonstrates an API-level vulnerability in Nagios Log Server 2024R1.3.1 that allows any user with a valid API token to retrieve a full list of user accounts along with their plaintext API keys, including administrator credentials. The PoC uses a simple curl command to exploit the vulnerable endpoint and retrieve sensitive information.
Description
Nagios Log Server before 2024R1.3.2 allows authenticated users to retrieve cleartext administrative API keys via a /nagioslogserver/index.php/api/system/get_users call. This is GL:NLS#475.
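To check whether the endpoint named above has already been called on a given server, the web access log can be searched for it. The script below is an added example, not part of the original entry or of the published PoCs; it assumes the Apache/nginx "combined" log format, and the sample log lines (addresses, dates, query string) are constructed.

```python
import re
from urllib.parse import unquote

# Endpoint named in the CVE description.
VULN_PATH = "/nagioslogserver/index.php/api/system/get_users"

# Assumption: Apache/nginx "combined" access log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def normalize_path(target):
    """Drop the query string, decode percent-escapes, collapse repeated
    slashes and ignore case and trailing slash before comparing."""
    path = unquote(target.split("?", 1)[0])
    return re.sub(r"/{2,}", "/", path).rstrip("/").lower()

def find_get_users_calls(lines):
    """Return (ip, timestamp, status) for every request to get_users."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and normalize_path(m["target"]) == VULN_PATH:
            hits.append((m["ip"], m["ts"], int(m["status"])))
    return hits

def served_hits(hits):
    """Keep only requests answered with 2xx, where a response body was returned."""
    return [h for h in hits if 200 <= h[2] < 300]

# Constructed sample log lines (not taken from a real system).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/May/2025:10:01:02 +0000] "GET /nagioslogserver/index.php/api/system/get_users?token=REDACTED HTTP/1.1" 200 1843 "-" "curl/8.5.0"',
    '192.0.2.10 - - [12/May/2025:10:01:09 +0000] "GET /nagioslogserver/index.php/dashboard HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [12/May/2025:11:30:45 +0000] "GET //nagioslogserver/index.php/api/system/get_users/ HTTP/1.1" 401 97 "-" "-"',
]

if __name__ == "__main__":
    for ip, ts, status in find_get_users_calls(SAMPLE_LOG):
        note = "response served" if 200 <= status < 300 else "rejected"
        print(f"{ts}  {ip}  HTTP {status}  ({note})")
```

A 2xx hit on a server running a version before 2024R1.3.2 means the API keys in that response should be treated as exposed.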
Exploits (2)
This exploit demonstrates an API-level vulnerability in Nagios Log Server 2024R1.3.1 that allows any user with a valid API token to retrieve a full list of user accounts along with their plaintext API keys, including administrator credentials. The PoC uses a simple curl command to exploit the vulnerable endpoint and retrieve sensitive information.
This PoC demonstrates an authenticated API key exposure vulnerability in Nagios Log Server 2024R1.3.1, allowing users with a valid API token to retrieve plaintext API keys of all users, including administrators. The exploit involves a simple GET request to a vulnerable endpoint, leading to privilege escalation and full system compromise.
Scores
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H