Nagios XI 5.7.3 Remote Code Execution
https://packetstormsecurity.com/files/162235/nagios_xi_mibs_authenticated_rce.rb.txt
https://packetstormsecurity.com/files/162235/nagios_xi_mibs_authenticated_rce.rb.txthttps://packetstormsecurity.com/files/162235/Nagios-XI-5.7.3-Remote-Code-Execution.htmlMon, 19 Apr 2021 16:22:14 GMTThis Metasploit module exploits CVE-2020-5791, an OS command injection vulnerability on Nagios XI versions 5.6.0 through 5.7.3 in admin/mibs.php that enables an authenticated user with admin privileges to achieve remote code execution as either the apache user or the www-data user.