Researchers have unearthed 11 vulnerabilities affecting Nagios XI, a widely used enterprise IT infrastructure/network monitoring solution, some of which can be chained to allow remote code execution with root privileges on the underlying system.

Attackers are likely to try to exploit vulnerabilities in network management systems like Nagios because their oversee critical network components and core servers and often contain many network secrets (e.g., credentials, API tokens) so they can do their job, Claroty researchers noted.