Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

remote_plug_in_executor

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2020-6582
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.87% / 88.83%
||
7 Day CHG~0.00%
Published-16 Mar, 2020 | 17:13
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call.

Action-Not Available
Vendor-n/aFedora ProjectNagios Enterprises, LLC
Product-remote_plug_in_executorfedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CVE-2020-6581
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-1.61% / 72.84%
||
7 Day CHG~0.00%
Published-16 Mar, 2020 | 17:13
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). This can cause command injection.

Action-Not Available
Vendor-n/aFedora ProjectNagios Enterprises, LLC
Product-remote_plug_in_executorfedoran/a
CVE-2013-1362
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-65.72% / 99.17%
||
7 Day CHG~0.00%
Published-09 Jul, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.

Action-Not Available
Vendor-n/aNagios Enterprises, LLCopenSUSE
Product-remote_plug_in_executoropensusen/a
CWE ID-CWE-20
Improper Input Validation