Skip to content

CVE-2021-25297

OS Command Injection: is CVE-2021-25297real, exploitable, or a false positive? Here's the community verdict.

signals

public sources

Exploited in wild
Yes
CISA KEV
Public exploit
Metasploit
Metasploit/EDB/PoC
Base severity
8.8 High
CVSS
Exploitation prob.
43%
FIRST EPSS
Weakness
CWE-78 · OS Command Injection
CWE

Confirmed exploited in the wild. Patch this first, regardless of the base score.

public exploits

links to sources — we don’t host code

A working exploit is publicly available from a maintained source. Treat this as higher urgency and verify your exposure.

baseline read

auto · not a community verdict

Real — exploited in the wild

CISA confirms active exploitation. Treat scanner hits as true positives unless your specific version or config is unaffected.

Based on CISA KEV

Confirm or dispute →
Affected:Nagios

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server.

Published

Embed this verdict
TruePositive verdict for CVE-2021-25297
Markdown
[![TruePositive verdict](https://www.truepositive.app/cve/CVE-2021-25297/badge.svg)](https://www.truepositive.app/cve/CVE-2021-25297)
HTML
<a href="https://www.truepositive.app/cve/CVE-2021-25297"><img src="https://www.truepositive.app/cve/CVE-2021-25297/badge.svg" alt="TruePositive verdict for CVE-2021-25297"></a>

Live badge that updates automatically as the community verdict changes.

Community ground truth

Be the first practitioner to weigh in

So far this is only TruePositive's editorial baseline from public sources. Add your real-world verdict below — it becomes the signal the next person triaging this relies on.

🥇 The first 50 practitioners to contribute earn a Founding Contributor badge.

In your experience, is this finding real and exploitable?

0 verdicts
Not a real issue

No account needed. Anonymous verdicts post as an unverified signal. Log in to make yours verified and earn reputation.

Field notes & remediation

Verdicts are the quick signal. Notes are the evidence and fixes behind them.

No notes yet. Be the first to share what you saw, or a fix that worked.

    Add a field note or remediationoptional
    Note type

    What are you adding?

    Markdown supported · minimum 20 characters.

    Same weakness: CWE-78 · OS Command Injection.