CVE-2021-3277: 
Nagios XI vulnerability analysis and mitigation

Nagios XI 5.7.5 and earlier contains a vulnerability that allows authenticated administrators to upload arbitrary files due to improper validation of the rename functionality in the custom-includes component. The vulnerability was assigned CVE-2021-3277 and was disclosed in January 2021 (Asaf Blog).

The vulnerability exists in the rename functionality of the custom-includes component. The code lacks proper file name validation during the renaming process, which allows attackers to perform directory traversal and change file extensions. The vulnerability has a CVSS v3.1 base score of 7.2 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (NVD).

If exploited, this vulnerability could lead to remote code execution by allowing an authenticated administrator to upload and execute arbitrary PHP files on the affected system. The attacker could gain complete control over the Nagios XI system, potentially compromising the confidentiality, integrity, and availability of the monitoring system (NVD).

The vulnerability affects Nagios XI versions 5.7.5 and earlier. Users should upgrade to a patched version of Nagios XI to address this vulnerability (NVD).