Nagios XI Configwizards Windowswmi Command Injection

This strike exploits a command injection vulnerability in Nagios XI 5.7.5. The vulnerability is due to insufficient input validation of the requests submitted to the Windowswmi.inc.php file. A remote authenticated attacker can exploit this vulnerability by sending a crafted request to the server. Successful exploitation could result in arbitrary command execution with privileges of the web server running on the target system. NOTE - The strike has one-arm support where it tries to connect to a netcat listener with a bash shell running on port 4444 on the vulnerable webserver (Creds - nagiosadmin/1234) itself.