CVE-2025-34323
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-17

Last updated on: 2025-11-26

Assigner: VulnCheck

Description
Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due to a combination of sudo misconfiguration and group-writable application directories. The 'www-data' user is a member of the 'nagios' group, which has write access to '/usr/local/nagioslogserver/scripts', while several scripts in this directory are owned by root and may be executed via sudo without a password. A local attacker running as 'www-data' can move one of these root-owned scripts to a backup name and create a replacement script with attacker-controlled content at the original path, then invoke it with sudo. This allows arbitrary commands to be executed with root privileges, providing full compromise of the underlying operating system.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-17
Last Modified
2025-11-26
Generated
2026-06-16
AI Q&A
2025-11-17
EPSS Evaluated
2026-06-15
NVD
CVE-2025-34323
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
nagios log_server to 2026 (exc)
nagios log_server 2026
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-732 The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

Nagios Log Server versions before 2026R1.0.1 have a local privilege escalation vulnerability. This happens because the web server user has passwordless sudo access to certain maintenance scripts and is also in a group that can write to the directory containing those scripts. A local attacker with web server user privileges can replace one of these scripts with a malicious one and then run it with sudo, gaining root-level arbitrary code execution.

Impact Analysis

This vulnerability allows a local attacker with access to the web server user account to escalate their privileges to root. This means they can execute arbitrary code with full system privileges, potentially compromising the entire system, accessing sensitive data, modifying system configurations, or disrupting services.

Mitigation Strategies

To mitigate this vulnerability, immediately upgrade Nagios Log Server to version 2026R1.0.1 or later. Additionally, review and restrict sudo rules and file system permissions to ensure that the web server account does not have write access to directories containing scripts that can be executed with sudo privileges.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-34323. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart