CVE-2026-2043

Name of the Vulnerable Software and Affected Versions Nagios Host (affected versions not specified)

Description A flaw exists within the esensors websensor configwizard func method that allows remote attackers to execute arbitrary code on affected installations. Authentication is required to exploit this issue. The root cause is the lack of proper validation of user-supplied input before it is used in a system call, potentially allowing an attacker to execute code in the context of the service account.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.