CVE-2023-28354
CVSS Score
9.8
EPSS Score
0.0%
EPSS Percentile
0th
An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call check_nrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NRPE plugin execution. This allows the attacker to escape NRPE plugin execution and execute commands remotely on the target as NT_AUTHORITY\SYSTEM.
| Vendor | n/a |
| Product | n/a |
| Published | Jan 9, 2025 |
| Last Updated | Jan 10, 2025 |
Stay Ahead of the Next One
Get instant alerts for n/a n/a
Be the first to know when new critical vulnerabilities affecting n/a n/a are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
n/a / n/a
n/a