EIP-2026-109822

PRE-CVE

Nagios Network Analyzer 2.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109822. PoCs published by hyp3rlinx.

AI-analyzed exploit summary The exploit demonstrates multiple CSRF vulnerabilities in Nagios Network Analyzer v2.2.1, allowing unauthorized command execution, user creation, report deletion, DoS, and user deletion via crafted HTML forms.

Description

Nagios Network Analyzer 2.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities

Exploits (1)

exploitdb WORKING POC

by hyp3rlinx · textwebappsphp

https://www.exploit-db.com/exploits/40221

View Code ZIP pw:eip

The exploit demonstrates multiple CSRF vulnerabilities in Nagios Network Analyzer v2.2.1, allowing unauthorized command execution, user creation, report deletion, DoS, and user deletion via crafted HTML forms.

Classification

Working Poc 100%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Nagios Network Analyzer v2.2.1

Auth required

Prerequisites: Victim must be authenticated · Victim must visit a malicious webpage or click a crafted link

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026