Forwarded from National Cybersecurity Information Sharing and Analysis Center: Cybersecurity Alert NISAC-200-202511-00000041
[Content Description]
Researchers have discovered OS command injection vulnerabilities (CVE-2025-34134, CVE-2025-34284, and CVE-2025-34286) in Nagios XI. An unauthenticated remote attacker could inject arbitrary operating system commands and execute them on the server. These vulnerabilities have already been exploited by hackers; please confirm and patch them as soon as possible.
[Affected Platforms]
CVE-2025-34134 affects Nagios XI versions prior to 2024R1.4.2.
CVE-2025-34284 affects Nagios XI versions prior to 2024R2.
CVE-2025-34286 affects Nagios XI versions prior to 2026R1.
[Recommended Actions]
Update Nagios XI to 2026R1 or later.
[References]
1. https://www.nagios.com/products/security/#nagios-xi
2. https://www.cve.org/CVERecord?id=CVE-2025-34134
3. https://www.cve.org/CVERecord?id=CVE-2025-34284
4. https://www.cve.org/CVERecord?id=CVE-2025-34286