Nagios · Nagios Network Analyzer · CVE-2025-34280
**Name of the Vulnerable Software and Affected Versions**
Nagios Network Analyzer versions prior to 2024R2.0.1
**Description**
Nagios Network Analyzer contains a flaw in how it handles LDAP certificate management. Specifically, the certificate removal process does not properly sanitize input. An authenticated administrator can exploit this to execute commands on the host system, with the privileges of the web application service, leading to remote code execution.
**Recommendations**
Update to version 2024R2.0.1 or later.