CVE-2024-24402: An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component.

9.8 CVSS

Description

An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component.

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.8

Vendor: n/a

Product: n/a

EPSS Score: 12.4% (probability of being exploited)

EPSS Percentile: 93.3% (scored less or equal to compared to others)

EPSS Date: 2025-04-07 (when was this score calculated)

SSVC Exploitation: none

SSVC Technical Impact: total

SSVC Automatable: false

2025-03-24 20:40:19 UTC
CVE

An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component.