CVE-2012-10029
published 2025-08-05

Priority: P2 62 · high · CVSS 4.0: 8.6
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N (E, CR, IR, AR, MAV, MAC, MAT, MPR, MUI, MVC, MVI, MVA, MSC, MSI, MSA, S, AU, R, V, RE, U: all X)
EXPLOIT
EPSS: 2.58% (83.3th percentile)

Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in `visApi.php`. An authenticated user can inject system commands via unsanitized parameters such as `host`, resulting in remote code execution.

Affected

1 range

| Vendor | Product | Version range | Fixed in |
| --- | --- | --- | --- |
| nagios_enterprises | nagios_xi_graph_explorer | < 1.3 | 1.3 |

Detection & IOCs (extracted from sources)

path: `visApi.php`
  • Monitor HTTP requests to visApi.php for shell metacharacters or command injection payloads in the 'host' parameter (e.g., semicolons, pipes, backticks, $() constructs).
  • Scope detection to Nagios XI Graph Explorer component versions prior to 1.3; authenticated sessions are required for exploitation.
  • Exploitation requires an authenticated session; unauthenticated access alone is insufficient to trigger the vulnerability.
  • Multiple parameters beyond 'host' may be injectable; detection rules should not be limited to the 'host' parameter alone.
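
A sketch of the monitoring described above, added here as an example and not taken from the advisory or from Nagios: it scans web access log lines for requests to `visApi.php` and flags any query parameter (not only `host`) whose URL-decoded value contains one of the listed metacharacters. The log lines are constructed, `/EXAMPLE/` is a placeholder path, `opt` is a hypothetical parameter name, and it assumes parameters arrive in the query string; values sent in a request body would need proxy or WAF body logging instead.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Metacharacters named in the detection guidance: ; | ` and $(
SHELL_META = re.compile(r"[;|`]|\$\(")

# Request line inside a common/combined-format access log entry.
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample lines; /EXAMPLE/ is a placeholder, "opt" is hypothetical.
SAMPLE_LOG = [
    '192.0.2.10 - alice [05/Aug/2025:10:00:01 +0000] "GET /EXAMPLE/visApi.php?type=stack&host=web01 HTTP/1.1" 200 512',
    '192.0.2.11 - bob [05/Aug/2025:10:00:02 +0000] "GET /EXAMPLE/visApi.php?host=web01%3Bid HTTP/1.1" 200 40',
    '192.0.2.11 - bob [05/Aug/2025:10:00:03 +0000] "GET /EXAMPLE/visApi.php?host=web01&opt=%24%28id%29 HTTP/1.1" 200 40',
    '192.0.2.12 - carol [05/Aug/2025:10:00:04 +0000] "GET /EXAMPLE/other.php?q=a%3Bb HTTP/1.1" 200 90',
    '192.0.2.13 - dave [05/Aug/2025:10:00:05 +0000] "POST /EXAMPLE/visApi.php HTTP/1.1" 200 17',
]


def suspicious_params(target):
    """Return (name, decoded_value) pairs that contain shell metacharacters.

    Only requests whose path ends in visApi.php are inspected; every query
    parameter is checked because more than one may be injectable.
    """
    parts = urlsplit(target)
    if not parts.path.lower().endswith("/visapi.php"):
        return []
    # parse_qsl percent-decodes values, so %3B is matched as ';'.
    return [(name, value)
            for name, value in parse_qsl(parts.query, keep_blank_values=True)
            if SHELL_META.search(value)]


def scan(lines):
    """Return (line_number, parameter, decoded_value) for each finding."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        for name, value in suspicious_params(match.group("target")):
            findings.append((lineno, name, value))
    return findings


if __name__ == "__main__":
    for lineno, name, value in scan(SAMPLE_LOG):
        print(f"line {lineno}: parameter {name!r} = {value!r}")
```

Because exploitation needs an authenticated session, pairing each finding with the authenticated user field of the log line narrows triage to the account involved.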