CVE-2024-13723
Published: 04 February 2025
Description
The "NagVis" component within Checkmk is vulnerable to remote code execution. An authenticated attacker with administrative-level privileges is able to upload a malicious PHP file and modify specific settings to execute the contents of the file as PHP.
Security Summary
CVE-2024-13723 is a remote code execution vulnerability in the NagVis component within Checkmk. It allows an authenticated attacker with administrative privileges to upload a malicious PHP file and modify specific settings to execute the file's contents as PHP. The vulnerability is associated with CWE-434 (Unrestricted Upload of File with Dangerous Type) and has a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
An authenticated attacker with administrative-level privileges in Checkmk can exploit this vulnerability over the network, with low attack complexity and no user interaction required. Successful exploitation results in full compromise of confidentiality, integrity, and availability on the affected system, since the attacker can execute arbitrary PHP code.
Mitigation details are outlined in vendor advisories and patch notes, including Checkmk werks for version 2.3.0p10 at https://checkmk.com/werks?version=2.3.0p10, NagVis changelog for version 1.9.42 at https://www.nagvis.org/downloads/changelog/1.9.42, and a KoreLogic advisory at https://korelogic.com/Resources/Advisories/KL-001-2025-002.txt. Additional disclosures are available at http://seclists.org/fulldisclosure/2025/Feb/4 and http://www.openwall.com/lists/oss-security/2025/02/04/4.
Details
- CWE(s)