CVE-2025-34323

Publication date

2025-11-17 17:48:28

Family

VulnCheck

State

PUBLISHED

Description

Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due to a combination of sudo misconfiguration and group-writable application directories. The www-data user is a member of the nagios group, which has write access to /usr/local/nagioslogserver/scripts, while several scripts in this directory are owned by root and may be executed via sudo without a password. A local attacker running as www-data can move one of these root-owned scripts to a backup name and create a replacement script with attacker-controlled content at the original path, then invoke it with sudo. This allows arbitrary commands to be executed with root privileges, providing full compromise of the underlying operating system.
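The condition described above (a root-owned script that sudo will run, sitting in a directory another group can write to) can be checked for directly. The following audit helper is an added example, not code from Nagios or from the advisory; the function names, the `example.sh` file name and the temporary sample tree are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

def audit_sudo_script(script_path, trusted_uid=0, stop_at="/"):
    """Return (path, reason) findings for a sudo-permitted script and each
    ancestor directory up to stop_at that a non-trusted account could alter."""
    findings = []
    current = os.path.realpath(script_path)
    stop_at = os.path.realpath(stop_at)
    while True:
        st = os.lstat(current)
        if st.st_uid != trusted_uid:
            findings.append((current, "not owned by trusted uid"))
        # Write access to a directory allows renaming or replacing entries in
        # it, even when the entries themselves are root-owned and read-only.
        if st.st_mode & stat.S_IWGRP:
            findings.append((current, "group-writable"))
        if st.st_mode & stat.S_IWOTH:
            findings.append((current, "world-writable"))
        parent = os.path.dirname(current)
        if current == stop_at or parent == current:
            return findings
        current = parent

def build_constructed_tree():
    """Constructed sample: one group-writable script directory, one locked down."""
    base = os.path.realpath(tempfile.mkdtemp())
    paths = {}
    for name, dir_mode in (("weak", 0o775), ("hardened", 0o755)):
        d = os.path.join(base, name)
        os.mkdir(d)
        os.chmod(d, dir_mode)  # set explicitly so the umask does not interfere
        script = os.path.join(d, "example.sh")  # hypothetical script name
        with open(script, "w") as fh:
            fh.write("#!/bin/sh\n")
        os.chmod(script, 0o755)
        paths[name] = script
    return base, paths

if __name__ == "__main__":
    base, paths = build_constructed_tree()
    for name, script in paths.items():
        # The sample files belong to the current user, so that uid stands in
        # for root here; on a real host keep the default trusted_uid=0.
        print(name, audit_sudo_script(script, os.getuid(), base))
```

On a host being reviewed, call `audit_sudo_script` with the defaults for every script path that the sudoers configuration allows without a password, including those under /usr/local/nagioslogserver/scripts. The check is conservative: it reports any group- or world-writable component, including sticky directories.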