CVE-2008-5028

N/A Unknown

Published: November 10, 2008 Modified: April 23, 2026

Description

Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) Nagios 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote attackers to send commands to the Nagios process, and trigger execution of arbitrary programs by this process, via unspecified HTTP requests.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://git.op5.org/git/?p=nagios.git%3Ba=commit%3Bh=814d8d4d1a73f7151eeed187c0667585d79fea18

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=124156641928637&w=2

Source: cve@mitre.org

http://osvdb.org/49678

Source: cve@mitre.org

http://secunia.com/advisories/32610

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/32630

Source: cve@mitre.org

http://secunia.com/advisories/33320

Source: cve@mitre.org

http://secunia.com/advisories/35002

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200907-15.xml

Source: cve@mitre.org

http://sourceforge.net/mailarchive/forum.php?thread_name=4914396D.5010009%40op5.se&forum_name=nagios-devel

Source: cve@mitre.org

Patch

http://www.op5.com/support/news/389-important-security-fix-available-for-op5-monitor

Source: cve@mitre.org

Patch Vendor Advisory

http://www.openwall.com/lists/oss-security/2008/11/06/2

Source: cve@mitre.org

http://www.securitytracker.com/id?1022165

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/3029

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/1256

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/46426

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/46521

Source: cve@mitre.org

https://www.ubuntu.com/usn/USN-698-3/

Source: cve@mitre.org

http://git.op5.org/git/?p=nagios.git%3Ba=commit%3Bh=814d8d4d1a73f7151eeed187c0667585d79fea18

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=124156641928637&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/49678

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32610

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/32630

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/33320

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35002

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200907-15.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://sourceforge.net/mailarchive/forum.php?thread_name=4914396D.5010009%40op5.se&forum_name=nagios-devel

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.op5.com/support/news/389-important-security-fix-available-for-op5-monitor

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.openwall.com/lists/oss-security/2008/11/06/2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1022165

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2008/3029

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/1256

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/46426

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/46521

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.ubuntu.com/usn/USN-698-3/

Source: af854a3a-2127-422b-91ae-364da2661108

34 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

1.3%

80th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-352

Affected Vendors

nagios op5

Related CVEs

CVE-2026-41044 N/A

CVE-2026-41043 N/A

CVE-2026-40466 N/A

CVE-2025-62233 N/A

CVE-2026-6272 N/A