Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

XI — Vulnerabilities & Security Advisories 77

All 77 CVE vulnerabilities found in XI, with AI-generated Chinese analysis, references, and POCs.

Vendor: Nagios

CVE IDTitleCVSSSeverityPublished
CVE-2021-47690 Nagios XI < 5.8.2 Core Config Manager (CCM) XSS via Overlay Modals CWE-79 6.1AIMediumAI2025-10-30
CVE-2020-36860 Nagios XI < 5.7.4 Core Config Manager (CCM) XSS via Object Edit Pages CWE-79 5.4AIMediumAI2025-10-30
CVE-2022-50585 Nagios XI < 5.8.9 Core Config Manager (CCM) XSS via Audit Log Page Search Input CWE-79 5.4AIMediumAI2025-10-30
CVE-2020-36859 Nagios XI < 5.7.4 Core Config Manager (CCM) SQL Injection via Object Edit Pages CWE-89 8.8AIHighAI2025-10-30
CVE-2021-47693 Nagios XI < 5.8.5 Core Config Manager (CCM) SQL Injection via Improper Escaping in Search Text CWE-89 8.8AIHighAI2025-10-30
CVE-2021-47694 Nagios XI < 5.8.6 Core Config Manager (CCM) Reflected XSS via Test Command CWE-79 6.1AIMediumAI2025-10-30
CVE-2013-10073 Nagios XI < 2012R1.6 Auto-Discovery Shell Command Injection CWE-78 8.8AIHighAI2025-10-30
CVE-2013-10072 Nagios XI < 2012R1.6 Auto-Discovery Missing Authorization CWE-862 7.1AIHighAI2025-10-30
CVE-2020-36857 Nagios XI < 5.6.14 Authenticated SQL Injection via SNMP Trap Interface Page CWE-89 7.2AIHighAI2025-10-30
CVE-2012-10063 Nagios XI < 2012R1.3 Authenticated SQL Injection in Legacy CCM CWE-89 8.1AIHighAI2025-10-30
CVE-2020-36856 Nagios XI < 5.6.14 Authenticated RCE command_test.php via address CWE-78 7.2AIHighAI2025-10-30
CVE-2024-14002 Nagios XI < 2024R1.1.4 Authenticated Local File Inclusion via NagVis CWE-98 6.5AIMediumAI2025-10-30
CVE-2025-34284 Nagios XI < 2024R2 Authenticated Command Injection via WinRM Plugin CWE-78 7.2AIHighAI2025-10-30
CVE-2024-13995 Nagios XI < 2024R1.1.2 API Keys & Hashed Passwords Authenticated Information Disclosure CWE-497 8.1AIHighAI2025-10-30
CVE-2025-34283 Nagios XI < 2024R1.4.2 API Key Disclosure via Neptune Themes CWE-497 6.5AIMediumAI2025-10-30
CVE-2024-13994 Nagios XI < 2024R1.1.2 Allow Insecure Logins Missing Authorization CWE-862 8.8AIHighAI2025-10-30
CVE-2024-13999 Nagios XI < 2024R1.1.3 AD/LDAP Token Authenticated Information Disclosure CWE-497 8.8AIHighAI2025-10-30

All 77 known CVE vulnerabilities affecting XI with full Chinese analysis, references, and POCs where available.