PT-2025-47192 · Nagios · Nagios Log Server
Published: 2025-11-17 · Updated: 2025-11-27 · CVE-2025-34323
CVSS v4.0: 8.5 (High)
Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
Nagios Log Server versions prior to 2026R1.0.1
Description
Nagios Log Server versions prior to 2026R1.0.1 are susceptible to local privilege escalation. This is due to a combination of a misconfigured sudo setup and group-writable application directories. The www-data user is part of the nagios group, which has write access to /usr/local/nagioslogserver/scripts. Several scripts within this directory are owned by root and can be executed via sudo without a password. A local attacker with www-data privileges can replace root-owned scripts with malicious scripts and then execute them using sudo, resulting in arbitrary code execution with root privileges and full system compromise.
Recommendations
Update Nagios Log Server to version 2026R1.0.1 or later.
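To check a host for the permission pattern in the description (a passwordless sudo target sitting in a directory that non-root users can write to), the following audit sketch can be run against a sudoers file. It is an added example, not Nagios code; the simplified sudoers parsing and the script name `audit.py` are assumptions, and it inspects only each file and its immediate parent directory.

```python
import os
import re
import stat
import sys

# Simplified sudoers matching: one rule per line, no aliases or continuations.
NOPASSWD_RE = re.compile(r"NOPASSWD:\s*(.+)$")

def sudo_commands(sudoers_text):
    """Return the absolute command paths granted with NOPASSWD."""
    paths = []
    for line in sudoers_text.splitlines():
        line = line.strip()
        match = NOPASSWD_RE.search(line)
        if line.startswith("#") or not match:
            continue
        for cmd in match.group(1).split(","):
            cmd = cmd.strip()
            if cmd.startswith("/"):
                paths.append(cmd.split()[0])  # keep the path, drop arguments
    return paths

def audit(sudoers_text):
    """Map each sudo-runnable path to the reasons a non-root user could replace it."""
    findings = {}
    for path in sudo_commands(sudoers_text):
        reasons = []
        # Write access to the directory allows unlink/rename of a root-owned file in it.
        for target in (path, os.path.dirname(path)):
            try:
                mode = os.stat(target).st_mode
            except OSError:
                continue  # path missing on this host
            writable = mode & (stat.S_IWGRP | stat.S_IWOTH)
            # The sticky bit restricts deletion to the file or directory owner.
            sticky = stat.S_ISDIR(mode) and mode & stat.S_ISVTX
            if writable and not sticky:
                reasons.append(f"{target} is group/other-writable ({stat.filemode(mode)})")
        if reasons:
            findings[path] = reasons
    return findings

if __name__ == "__main__":
    # Usage (as root): python3 audit.py /etc/sudoers.d/<file>
    with open(sys.argv[1]) as fh:
        for path, reasons in audit(fh.read()).items():
            print(path, *reasons, sep="\n  ")
```

A finding on the directory matters even when the script itself is root-owned with mode 0755, because directory write permission is what controls replacing the file.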
Exploit
Fix
LPE
Incorrect Permission
Affected Products
Nagios Log Server