Nagios XI 5.6.1 - SQL injection vulnerability

Summary

Nagios XI 5.6.1 - there is a SQL injection vulnerability, the attacker through the SQL command inserted into the Web form submission or input domain name or page request query string, finally achieve to cheat the server to execute malicious SQL command.

Solution

At present, the manufacturer has issued an upgrade patch to fix the vulnerability.

https://www.nagios.com/products/nagios-xi/