CVE-2026-24893

openITCOCKPIT has Authenticated Command Injection Leading to Remote Code Execution via Host Address Macro Expansion

Description

openITCOCKPIT is an open source monitoring tool built for different monitoring engines. openITCOCKPIT Community Edition prior to version 5.5.2 contains a command injection vulnerability that allows an authenticated user with permission to add or modify hosts to execute arbitrary OS commands on the monitoring backend. The vulnerability arises because user-controlled host attributes (specifically the host address) are expanded into monitoring command templates without validation, escaping, or quoting. These templates are later executed by the monitoring engine (Nagios/Icinga) via a shell, resulting in remote code execution. Version 5.5.2 patches the issue.

INFO

Published Date :

2026-04-14T20:37:00.347Z

Last Modified :

2026-04-15T13:40:30.971Z

Source :

GitHub_M

AFFECTED PRODUCTS

The following products are affected by CVE-2026-24893 vulnerability.

Vendors	Products
Openitcockpit	Openitcockpit

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-24893.

URL	Resource
https://github.com/openITCOCKPIT/openITCOCKPIT/releases/tag/openITCOCKPIT-5.5.2
https://github.com/openITCOCKPIT/openITCOCKPIT/security/advisories/GHSA-789q-pw85-j2q2
https://openitcockpit.io/blog/posts/2026/2026-04-14-openitcockpit-agent-3.6.0-and-5.5.2

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact