Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because xi-sys.cfg is being imported from the var directory for some scripts with elevated permissions.Referenceshttps://www.nagios.com/downloads/nagios-xi/change-log/