Nagios XI 5.6.1 - SQL injection vulnerability
- Date Published:2019-05-23
- Last Updated:2019-05-24
- Version Affected: 5.6.1
Nagios XI 5.6.1 - there is a SQL injection vulnerability, the attacker through the SQL command inserted into the Web form submission or input domain name or page request query string, finally achieve to cheat the server to execute malicious SQL command.
At present, the manufacturer has issued an upgrade patch to fix the vulnerability.