New bugs were found in Nagios software
Researchers from industrial cybersecurity firm Claroty have discovered eleven vulnerabilities in the Nagios network management system, some of which could be chained to achieve pre-authenticated remote code execution with the highest privileges, as well as lead to credential theft and phishing attacks. The vulnerabilities were numbered sequentially from CVE-2021-37343 to CVE-2021-37353.
The most dangerous are two remote code execution flaws (CVE-2021-37344, CVE-2021-37346) in Nagios XI Switch Wizard and Nagios XI WatchGuard Wizard, an SQL injection vulnerability (CVE-2021-37350) in Nagios XI, a server-side request forgery (CVE-2021-37353) affecting Nagios XI Docker Wizard, and a post-authenticated RCE (CVE-2021-37343) in Nagios XI's Auto-Discovery tool.
Nagios developers addressed the vulnerabilities through updates to Nagios XI, Nagios XI Docker Wizard, Nagios XI WatchGuard Wizard, and Nagios XI Switch Wizard.
More information on the vulnerabilities and updates is available on the Nagios page at nagios.com.
24 September 2021