Enhancement: cves/2021/CVE-2021-25296.yaml by md

cves/2021/CVE-2021-25296.yaml

@@ -1,16 +1,16 @@
 id: CVE-2021-25296
 
 info:
-  name: Nagios XI versions 5.5.6 to 5.7.5 - Command Injection
+  name: Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection
   author: k0pak4
   severity: high
   description: |
-    Nagios XI versions 5.5.6 to 5.7.5 are affected by OS command injection. An authenticated user can gain code execution due to unsanitized URL parameters.
+    Nagios XI 5.5.6 through 5.7.5 is susceptible to authenticated remote command injection. There is improper sanitization of authenticated user-controlled input by a single HTTP request via the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php. This in turn can lead to remote code execution, by which an attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.
   reference:
     - https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md
     - https://github.com/rapid7/metasploit-framework/pull/17494
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-25296
     - http://nagios.com
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-25296
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -78,3 +78,5 @@ requests:
         regex:
           - "var nsp_str = ['\"](.*)['\"];"
         internal: true
+
+# Enhanced by md on 2023/03/21