Roxy-WI, the web interface for managing Haproxy, Nginx, and Keepalived servers, is vulnerable to a command injection vulnerability in Roxy-WI 5.2.2.0 and earlier. An attacker can exploit this vulnerability to conduct command injection attacks via /app/funct.py and /api/api_funct.py.
CPE | Name | Operator | Version |
---|---|---|---|
Roxy-WI Roxy-WI <=5. | eq | 2.2.0 |