CVE-2025-67254
Unknown Unknown - Not Provided

Directory Traversal in NagiosXI /admin/coreconfigsnapshots.php

Vulnerability report for CVE-2025-67254, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-29

Last updated on: 2025-12-29

Assigner: MITRE

Description

NagiosXI 2026R1.0.1 build 1762361101 is vulnerable to Directory Traversal in /admin/coreconfigsnapshots.php.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-29
Last Modified
2025-12-29
Generated
2026-07-06
AI Q&A
2025-12-29
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
nagios xi 2026r1.0.1

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a Directory Traversal issue in NagiosXI 2026R1.0.1 build 1762361101, specifically in the /admin/coreconfigsnapshots.php component. It allows an attacker to access files and directories outside the intended directory, potentially exposing sensitive information.

Impact Analysis

The Directory Traversal vulnerability can allow attackers to read arbitrary files on the server, which may lead to exposure of sensitive data, configuration files, or credentials, potentially compromising the security of the affected system.

Detection Guidance

This vulnerability can be detected by monitoring for suspicious HTTP GET requests targeting the vulnerable endpoint `/nagiosxi/admin/coreconfigsnapshots.php` with the `currentdiff` parameter containing directory traversal patterns such as `../../../../../../../../etc/hosts`. For example, you can use network traffic inspection tools like tcpdump or Wireshark to filter HTTP requests to this path. Additionally, you can use curl or wget commands to test the vulnerability manually, e.g., `curl -i "http://<nagiosxi-server>/nagiosxi/admin/coreconfigsnapshots.php?currentdiff=../../../../../../../../etc/hosts&archive=0"` to see if sensitive files are exposed. [1]

Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable endpoint `/admin/coreconfigsnapshots.php` by implementing proper access controls, such as IP whitelisting or authentication enforcement. Additionally, monitor and block suspicious requests containing directory traversal patterns in the `currentdiff` parameter. Applying any available patches or updates from Nagios XI for version 2026R1.0.1 is recommended once released. As a temporary measure, consider disabling or restricting the affected functionality if possible. [1]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-67254. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart