CVE-2020-6581

Name of the Vulnerable Software and Affected Versions Nagios NRPE version 3.2.1

Description The issue is related to insufficient filtering, where the nasty metachars function interprets as separate characters (`` and n) rather than a newline sequence. This can lead to command injection.

Recommendations For Nagios NRPE version 3.2.1, consider disabling the nasty metachars function as a temporary workaround until a patch is available. Restrict access to sensitive commands and parameters to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.