- Description
- The "NagVis" component within Checkmk is vulnerable to remote code execution. An authenticated attacker with administrative level privileges is able to upload a malicious PHP file and modify specific settings to execute the contents of the file as PHP.
- Source
- bbf0bd87-ece2-41be-b873-96928ee8fab9
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- bbf0bd87-ece2-41be-b873-96928ee8fab9
- CWE-434
- Hype score
- Not currently trending
CVE-2024-13723 Remote Code Execution in Checkmk NagVis via Authenticated Administrative File Upload https://t.co/4vWWXeRVHY
@VulmonFeeds
5 Feb 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New KoreLogic advisory: KL-001-2025-002: Checkmk NagVis Remote Code Execution (https://t.co/uccTlRbCqm); CVE-2024-13723
@jimbecher
5 Feb 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-13722: KL-001-2025-001: Checkmk NagVis Reflected Cross-site Scripting https://t.co/Mk5ZUn6dta CVE-2024-13723: KL-001-2025-002: Checkmk NagVis Remote Code Execution https://t.co/zVCKX32Rjx Attacker with administrative privileges is able to upload a malicious PHP file
@oss_security
5 Feb 2025
196 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-13723 The "NagVis" component within Checkmk is vulnerable to remote code execution. An authenticated attacker with administrative level privileges is able to upload a malic… https://t.co/V6seXgn6Q5
@CVEnew
4 Feb 2025
356 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes