CVE-2022-26563
Published 2023-07-18
CVE-2022-26563: An issue was discovered in Tildeslash Monit before 5.31.0 that allows remote attackers to gain escalated privileges due to improper PAM authorization.
Priority: P351 · high · 8.8 · CVSS 3.1
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.67% (47.2th percentile)
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | monit | < monit 1:5.32.0-1 (bookworm) | monit 1:5.32.0-1 (bookworm) |
| tildeslash | monit | < 5.31.0 | 5.31.0 |
| tildeslash | monit | >= 0 < 1:5.32.0-1 | 1:5.32.0-1 |
| tildeslash | monit | >= 0 < 1:5.32.0-1 | 1:5.32.0-1 |
| tildeslash | monit | >= 0 < 1:5.32.0-1 | 1:5.32.0-1 |
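CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| osv | | 8.8 | HIGH | |
| vendor_debian | | 8.8 | HIGH | |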
VulDB
Tildeslash Monit up to 5.30.x PAM improper authorization (EUVD-2022-31119)
vuldb·2026-05-10·CVSS 8.8
CVE-2022-26563 [HIGH] Tildeslash Monit up to 5.30.x PAM improper authorization (EUVD-2022-31119)
A vulnerability was found in Tildeslash Monit up to 5.30.x and classified as critical. This issue affects some unknown processing of the component PAM. Such manipulation leads to improper authorization.
This vulnerability is uniquely identified as CVE-2022-26563. The attack can be launched remotely. No exploit exists.
It is suggested to upgrade the affected component.
GHSA
GHSA-23pc-hgf6-6wwr: An issue was discovered in Tildeslash Monit before 5
ghsa_unreviewed·2023-07-18
CVE-2022-26563 [HIGH] CWE-863 GHSA-23pc-hgf6-6wwr: An issue was discovered in Tildeslash Monit before 5
An issue was discovered in Tildeslash Monit before 5.31.0 that allows remote attackers to gain escalated privileges due to improper PAM authorization.
OSV
CVE-2022-26563: An issue was discovered in Tildeslash Monit before 5
osv·2023-07-18·CVSS 8.8
CVE-2022-26563 [HIGH] CVE-2022-26563: An issue was discovered in Tildeslash Monit before 5
An issue was discovered in Tildeslash Monit before 5.31.0 that allows remote attackers to gain escalated privileges due to improper PAM authorization.
Ubuntu
Monit vulnerability
vendor_ubuntu·2024-01-09
CVE-2022-26563 Monit vulnerability
Title: Monit vulnerability
Summary: Monit could be made to bypass authentication checks for disabled accounts.
Youssef Rebahi-Gilbert discovered that Monit did not properly process
credentials for disabled accounts. An attacker could possibly use this
issue to login to the platform with an expired account and a valid
password.
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2022-26563: monit - An issue was discovered in Tildeslash Monit before 5.31.0, allows remote attacke...
vendor_debian·2022·CVSS 8.8
CVE-2022-26563 [HIGH] CVE-2022-26563: monit - An issue was discovered in Tildeslash Monit before 5.31.0, allows remote attacke...
An issue was discovered in Tildeslash Monit before 5.31.0 that allows remote attackers to gain escalated privileges due to improper PAM authorization.
Scope: local
bookworm: resolved (fixed in 1:5.32.0-1)
bullseye: open
forky: resolved (fixed in 1:5.32.0-1)
sid: resolved (fixed in 1:5.32.0-1)
trixie: resolved (fixed in 1:5.32.0-1)
No detection rules found.
No public exploits indexed.
Wiz
CVE-2020-36968 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.1
CVE-2020-36968 [MEDIUM] CVE-2020-36968 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2020-36968: Monit vulnerability analysis and mitigation
M/Monit 3.7.4 contains an authentication vulnerability that allows authenticated attackers to retrieve user password hashes through an administrative API endpoint. Attackers can send requests to the /api/1/admin/users/list and /api/1/admin/users/get endpoints to extract MD5 password hashes for all users.
Source: NVD
Score: 7.1
Published January 28, 2026
Severity HIGH
CNA Score 7.1
Affected Technologies
Monit
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 45.5
Exploitation Probability (EPSS) 0.2
Affected packages and libraries
monit
Sources
NVD
Echo Severity MEDIUM No Fix Added at: Jan 29, 2026
Wiz
CVE-2020-36969 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.1
CVE-2020-36969 [MEDIUM] CVE-2020-36969 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2020-36969: Monit vulnerability analysis and mitigation
M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. Attackers can send a POST request to the /api/1/admin/users/update endpoint with a crafted payload to grant administrative access to a standard user account.
Source: NVD
Score: 8.7
Published January 28, 2026
Severity HIGH
CNA Score 8.7
Affected Technologies
Monit
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 25
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
monit
Sources
NVD
Echo Severity HIGH No Fix Added at: Jan 29, 2026