CVE-2013-1362
EPSS 76.4%
Description
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.
How to fix CVE-2013-1362
To remediate CVE-2013-1362, upgrade the affected package to a fixed version below.
- Debian/nagios-nrpe—upgrade to 2.13-3 or later
Is CVE-2013-1362 being exploited?
Likely — EPSS is 76.4%, placing CVE-2013-1362 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (1)
- from 0, < 2.13-3