Nagios · Nagios Remote Plugin Executor · CVE-2013-1362
**Name of the Vulnerable Software and Affected Versions**
Nagios Remote Plug-In Executor (NRPE) versions prior to 2.14
**Description**
The issue is related to an incomplete blacklist vulnerability in the nrpc.c file. This vulnerability might allow remote attackers to execute arbitrary shell commands via `$()` shell metacharacters, which are processed by bash.
**Recommendations**
For versions prior to 2.14, update to version 2.14 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `$()` shell metacharacters in bash commands to minimize the risk of exploitation.