CVE-2018-15708 PoC — Nagios XI Snoopy 命令注入漏洞

Source

https://github.com/lkduy2602/Detecting-CVE-2018-15708-Vulnerabilities

Associated Vulnerability

Title:Nagios XI Snoopy 命令注入漏洞 (CVE-2018-15708)
Description:Nagios XI是美国Nagios公司的一套IT基础设施监控解决方案。该方案支持对应用、服务、操作系统等进行监控和预警。Snoopy是其中的一个模拟Web浏览器的PHP类。 Nagios XI 5.5.6版本中的Snoopy 1.0版本存在安全漏洞。远程攻击者可通过发送特制的HTTP请求利用该漏洞执行任意命令。

Readme

��# Detecting-CVE-2018-15708-Vulnerabilities

File Snapshot


 [4.0K]  /data/pocs/442e7693fd67bf1d8e308619670fb4b0c1c88fb7
├── [ 16M]  data_test.pcap
├── [3.3K]  n18dcat014_LeKhanhDuy.csv
├── [1.0M]  n18dcat014_LeKhanhDuy.docx
├── [1.1M]  n18dcat014_LeKhanhDuy.pdf
├── [5.1K]  n18dcat014_LeKhanhDuy.py
└── [  90]  README.md

0 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.