Multiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software

Multiple vulnerabilities have been disclosed in Checkmk IT Infrastructure monitoring software that could be chained together by an unauthenticated, remote attacker to fully take over affected servers.

“These vulnerabilities can be chained together by an unauthenticated, remote attacker to gain code execution on the server running Checkmk version 2.1.0p10 and lower,” SonarSource researcher Stefan Schiller said in a technical analysis.

Checkmk’s open source edition of the monitoring tool is based on Nagios Core and offers integrations with NagVis for the visualization and generation of topological maps of infrastructures, servers, ports, and processes.

According to its Munich-based developer tribe29 GmbH, its Enterprise and Raw editions are used by over 2,000 customers, including Airbus, Adobe, NASA, Siemens, Vodafone, and others.

The four vulnerabilities, which consist of two Critical and two Medium severity bugs, are as follows –

While these shortcomings on their own have a limited impact, an adversary can chain the issues, starting with the SSRF flaw to access an endpoint only reachable from localhost, using it to bypass authentication and read a configuration file, ultimately gaining access to the Checkmk GUI.

“This access can further be turned into remote code execution by exploiting a Code Injection vulnerability in a Checkmk GUI subcomponent called watolib, which generates a file named auth.php required for the NagVis integration,” Schiller explained.

Following responsible disclosure on August 22, 2022, the four vulnerabilities have been patched in Checkmk version 2.1.0p12 released on September 15, 2022.
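To triage a fleet against the two version numbers given above, the following added example (not code from Checkmk or SonarSource) sorts an inventory of Checkmk version strings into affected, patched, and unconfirmed. The ordering of release kinds (`i` < `b` < stable < `p`), the hostnames, and the sample versions are assumptions; because the article names only the 2.1.0 fix, every older branch is flagged as affected.

```python
import re

# Thresholds taken from the article text.
LAST_AFFECTED = "2.1.0p10"   # "version 2.1.0p10 and lower"
FIRST_PATCHED = "2.1.0p12"   # fixed release named in the article

# Assumed ordering of release kinds within one base version:
# innovation (i) < beta (b) < plain stable release < patch (p).
_KIND_RANK = {"i": 0, "b": 1, "": 2, "p": 3}
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:([ibp])(\d+))?$")


def parse_version(text):
    """Return a sortable tuple for strings such as '2.1.0p10', or None."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, sub, kind, num = m.groups()
    return (int(major), int(minor), int(sub), _KIND_RANK[kind or ""], int(num or 0))


def triage(version):
    """Classify one version string against the article's two thresholds."""
    v = parse_version(version)
    if v is None:
        return "unparsed"          # e.g. dated builds; check by hand
    if v <= parse_version(LAST_AFFECTED):
        return "affected"
    if v >= parse_version(FIRST_PATCHED):
        return "patched"
    return "unconfirmed"           # 2.1.0p11: the article does not say


def triage_inventory(inventory):
    """Map {host: version} to {status: [hosts]}, affected hosts listed first."""
    result = {"affected": [], "unconfirmed": [], "unparsed": [], "patched": []}
    for host, version in sorted(inventory.items()):
        result[triage(version)].append(host)
    return result


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = {
    "mon-01": "2.1.0p10", "mon-02": "2.1.0p12", "mon-03": "2.0.0p28",
    "mon-04": "2.1.0p11", "mon-05": "2.1.0b3", "mon-06": "2.1.0-2022.09.01",
}

if __name__ == "__main__":
    for status, hosts in triage_inventory(SAMPLE).items():
        print(f"{status:12} {', '.join(hosts) or '-'}")
```

Hosts reported as unconfirmed or unparsed need a manual check against the vendor's advisories before being treated as safe.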

The findings follow the discovery of multiple flaws in other monitoring solutions like Zabbix and Icinga since the start of the year, which could have been exploited to compromise the servers by running arbitrary code.

https://thehackernews.com/2022/11/multiple-vulnerabilities-reported-in.html
