CVE-2021-25299

Name of the Vulnerable Software and Affected Versions: Nagios XI version xi-5.7.5

Description: The issue exists due to improper sanitization of user-controlled input in the file /usr/local/nagiosxi/html/admin/sshterm.php. This can be exploited by a maliciously crafted URL, which when clicked by an admin user, can steal session cookies or be chained with previous bugs to achieve one-click remote command execution (RCE) on the Nagios XI server.

Recommendations: For Nagios XI version xi-5.7.5, consider disabling access to the /usr/local/nagiosxi/html/admin/sshterm.php file until a patch is available to prevent potential exploitation. Restricting user input to prevent malicious URLs from being clicked is also advisable. At the moment, there is no information about a newer version that contains a fix for this vulnerability.