What the vulnerability does

01Description

The Manage Backgrounds functionality within NagVis versions prior to 1.9.29 is vulnerable to an authenticated path traversal vulnerability. Exploitation of this results in a malicious actor having the ability to arbitrarily delete files on the local system.

Key dates

02Disclosure timeline

October 14, 2021 CVE published
November 3, 2025 Record updated