Vulnerabilities (CVE)

Filtered by vendor Nagios Subscribe
Filtered by product Remote Plug In Executor
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-6582 2 Fedoraproject, Nagios 2 Fedora, Remote Plug In Executor 2024-11-21 5.0 MEDIUM 7.5 HIGH
Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call.
CVE-2020-6581 2 Fedoraproject, Nagios 2 Fedora, Remote Plug In Executor 2024-11-21 3.7 LOW 7.3 HIGH
Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). This can cause command injection.
CVE-2013-1362 2 Nagios, Opensuse 2 Remote Plug In Executor, Opensuse 2024-11-21 7.5 HIGH N/A
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.