{"vulnerability": "cve-2019-15949", "sightings": [{"uuid": "2db274e7-de67-43c0-b0cb-d60d671d0632", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15949", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "0e452be5-05a9-4a91-94db-bc4938e9bbc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15949", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:19.000000Z"}, {"uuid": "970f139d-745c-4e7a-bfd4-4167426b3796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15949", "type": "exploited", "source": "https://www.exploit-db.com/exploits/48191", "content": "", "creation_timestamp": "2020-03-10T00:00:00.000000Z"}, {"uuid": "f8a62d65-bcc9-4cef-847d-ea79bc4b14d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15949", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2970966", "content": "", "creation_timestamp": "2024-12-24T20:22:25.384150Z"}, {"uuid": "0530f8c7-02b4-4b83-99bd-7a18a75ef91e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15949", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "95f57799-e7d0-4a67-b85b-ac67ea20334a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15949", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:42.000000Z"}, {"uuid": "fed83c7e-7708-498b-b1ee-a098167d8741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15949", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:13.000000Z"}, {"uuid": "8d881dfd-e891-4f74-96ef-f643cb959710", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15949", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/nagios_xi_scanner.rb", "content": "", "creation_timestamp": "2021-03-26T23:19:21.000000Z"}, {"uuid": "166c07bd-d480-4dce-ae82-80cb48cceff7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15949", "type": "seen", "source": "https://t.me/arpsyndicate/1016", "content": "#ExploitObserverAlert\n\nCVE-2019-15949\n\nDESCRIPTION: Exploit Observer has 15 entries related to CVE-2019-15949. Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile (profile.php?cmd=download), is executed as root via a passwordless sudo entry; the script executes check_plugin, which is owned by the nagios user. A user logged into Nagios XI with permissions to modify plugins, or the nagios user on the server, can modify the check_plugin executable and insert malicious commands to execute as root.\n\nFIRST-EPSS: 0.519440000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-03T19:58:56.000000Z"}, {"uuid": "ba73a43e-251f-4e4a-aa4a-9de3b2597445", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15949", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/nagios_xi_plugins_check_plugin_authenticated_rce.rb", "content": "", "creation_timestamp": "2021-04-14T00:06:12.000000Z"}, {"uuid": "ca2f4268-871c-42f8-94ba-0b5e918e834a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15949", "type": "published-proof-of-concept", "source": "Telegram/EQSEx6hVvMlnJ1ky7huxK4eSzyICfuehitJwgPSzGmUZN8M", "content": "", "creation_timestamp": "2025-11-26T21:00:05.000000Z"}, {"uuid": "022ac80a-1507-47f2-b761-43376e3cd6b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2019-15949", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a3a8ab3f-fa0d-4bfe-8fdd-e74de4ef534f", "content": "", "creation_timestamp": "2026-02-02T12:28:58.586210Z"}, {"uuid": "33014853-9d5a-49dc-bfd7-a03c0b122b3c", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-15949", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/44b49bf3-c357-4c5f-b23e-d12a061e3cdb", "content": "", "creation_timestamp": "2026-06-19T12:48:01.652174Z"}]}