Nagios - Remote Plug In Executor CVE

Filtered by vendor Nagios Subscribe

Filtered by product Remote Plug In Executor

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-6581	2 Fedoraproject, Nagios	2 Fedora, Remote Plug In Executor	2021-07-21	3.7 LOW	7.3 HIGH
Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). This can cause command injection.
CVE-2020-6582	1 Nagios	1 Remote Plug In Executor	2021-07-21	5.0 MEDIUM	7.5 HIGH
Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call.

Vulnerabilities (CVE)