Skip to main content

Network Analyzer

4 CVEs product

Monthly

CVE-2025-28059 HIGH This Week

An access control vulnerability in Nagios Network Analyzer 2024R1.0.3 allows deleted users to retain access to system resources due to improper session invalidation and stale token handling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Network Analyzer
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2025-28131 MEDIUM This Month

A Broken Access Control vulnerability in Nagios Network Analyzer 2024R1.0.3 allows low-privilege users with "Read-Only" access to perform administrative actions, including stopping system services. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Network Analyzer
NVD GitHub
CVSS 3.1
4.6
EPSS
0.1%
CVE-2021-28925 CRITICAL POC Act Now

SQL injection vulnerability in Nagios Network Analyzer before 2.4.3 via the o[col] parameter to api/checks/read/. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Network Analyzer
NVD
CVSS 3.1
9.8
EPSS
4.2%
CVE-2021-28924 MEDIUM POC This Month

Self Authenticated XSS in Nagios Network Analyzer before 2.4.2 via the nagiosna/groups/queries page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Network Analyzer
NVD
CVSS 3.1
6.1
EPSS
9.2%
EPSS 1% CVSS 7.5
HIGH This Week

An access control vulnerability in Nagios Network Analyzer 2024R1.0.3 allows deleted users to retain access to system resources due to improper session invalidation and stale token handling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Network Analyzer
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM This Month

A Broken Access Control vulnerability in Nagios Network Analyzer 2024R1.0.3 allows low-privilege users with "Read-Only" access to perform administrative actions, including stopping system services. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Network Analyzer
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

SQL injection vulnerability in Nagios Network Analyzer before 2.4.3 via the o[col] parameter to api/checks/read/. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Network Analyzer
NVD
EPSS 9% CVSS 6.1
MEDIUM POC This Month

Self Authenticated XSS in Nagios Network Analyzer before 2.4.2 via the nagiosna/groups/queries page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Network Analyzer
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy