SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Nagios XI 5.5.10 command injection attempt
This rule looks for a maliciously crafted HTTP request targetting a vulnerable parameter in Nagios XI 5.5.10 or lower, that allows a command injection and execution of commands inside the server.
This rule will alert when there's an attempt to exploit a command injection vulnerability in Nagios XI version 5.5.10 or lower.
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE::ATT&CK Framework::Enterprise::Initial Access::Exploit Public-Facing Application
Command Injection
Command Injection attacks target applications that allow unsafe user-supplied input. Attackers transmit this input via forms, cookies, HTTP headers, etc. and exploit the applications permissions to execute system commands without injecting code.
CVE-2019-9164 |
Loading description
|