CVE-2024-14005
Published: 30 October 2025
Description
Adversaries may abuse Unix shell commands and scripts for execution.
Security Summary
CVE-2024-14005 is a command injection vulnerability (CWE-78) in the Docker Wizard component of Nagios XI versions prior to 2024R1.2. The issue stems from insufficient validation of user-supplied input, which allows injection of shell metacharacters that are incorporated into backend command invocations. It carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to network accessibility, low attack complexity, and significant impacts on confidentiality, integrity, and availability.
An authenticated administrator can exploit this vulnerability remotely without user interaction. By supplying malicious input in the Docker Wizard, the attacker injects shell metacharacters, leading to arbitrary command execution with the privileges of the Nagios XI web application user.
Nagios advisories recommend upgrading to Nagios XI 2024R1.2 or later to mitigate the vulnerability through improved input validation. Additional details are available in the Nagios XI changelog at https://www.nagios.com/changelog/nagios-xi/, the security updates page at https://www.nagios.com/products/security/#nagios-xi, and the VulnCheck advisory at https://www.vulncheck.com/advisories/nagios-xi-command-injection-via-docker-wizard.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
CVE-2024-14005 is a command injection vulnerability in a public-facing web application (Nagios XI Docker Wizard), enabling T1190 (Exploit Public-Facing Application). Exploitation directly results in arbitrary Unix shell command execution (T1059.004).