CVE-2024-13723

Checkmk NagVis Remote Code Execution

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The "NagVis" component within Checkmk is vulnerable to remote code execution. An authenticated attacker with administrative level privileges is able to upload a malicious PHP file and modify specific settings to execute the contents of the file as PHP.

*Credits: This vulnerability was discovered by Jaggar Henry and Jim Becher of KoreLogic, Inc.

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-01-24 CVE Reserved
2025-02-04 CVE Published
2025-02-05 CVE Updated
---------- EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-434: Unrestricted Upload of File with Dangerous Type

CAPEC

References (3)

URL	Tag	Source
https://checkmk.com/werks?version=2.3.0p10	Release Notes
https://korelogic.com/Resources/Advisories/KL-001-2025-002.txt	Third Party Advisory
https://www.nagvis.org/downloads/changelog/1.9.42	Release Notes

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Checkmk Search vendor "Checkmk"		NagVis Search vendor "Checkmk" for product "NagVis"				< 1.9.42 Search vendor "Checkmk" for product "NagVis" and version " < 1.9.42"		en		Affected
Checkmk Search vendor "Checkmk"		NagVis Search vendor "Checkmk" for product "NagVis"				< 2.3.0p10 Search vendor "Checkmk" for product "NagVis" and version " < 2.3.0p10"		en		Affected