Arbitrary Command Execution Vulnerability in Nagios Plugins
CVE-2023-37154
Currently unrated
What is CVE-2023-37154?
The vulnerability in Nagios nagios-plugins version 2.4.5 permits arbitrary command execution through the misuse of check_by_ssh functionality. This exploitation involves the ProxyCommand, LocalCommand, and PermitLocalCommand options, allowing malicious users to execute unauthorized commands by leveraging environment variables such as ${IFS}. Although categorized differently in the software revisions, this issue poses a significant risk to unpatched installations, making it essential for users to review their configurations and apply necessary updates.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.