Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call check_nrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NRPE plugin execution. This allows the attacker to escape NRPE plugin execution and execute commands remotely on the target as NT_AUTHORITY\SYSTEM.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Opsview Monitor Agent 安全漏洞
Vulnerability Description
Opsview Monitor Agent是Opsview公司的一个监控平台代理程序。 Opsview Monitor Agent 0.3.9.700 2022-09-28及之前版本存在安全漏洞,该漏洞源于未认证远程攻击者可调用check_nrpe指定插件,从而允许攻击者逃避NRPE插件执行并以NT_AUTHORITYSYSTEM身份在目标上远程执行命令。
CVSS Information
N/A
Vulnerability Type
N/A