6254 matches found

Prion
added 2020/12/11 8:15 p.m. | 24 views

Code injection

In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities...

7.5 CVSS | 9.4 AI score | 0.01693 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2020/12/11 7:3 p.m. | 40 views

CVE-2020-27730

In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities...

9.5 AI score | 0.01693 EPSS
Exploits: 0 | References: 2
CVE
added 2020/12/11 7:3 p.m. | 94 views

CVE-2020-27730

CVE-2020-27730 affects the NGINX Controller Agent: versions 1.0.1, 2.0.0–2.9.0, and 3.0.0–3.9.0 do not use absolute paths when invoking system utilities, enabling a local attacker to escalate privileges to root and execute arbitrary code. Public disclosures from Red Hat and F5 corroborate the vu...

9.8 CVSS | 9.4 AI score | 0.01693 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Hacker One
added 2020/12/11 4:23 p.m. | 14 views

Mail.ru: Bypass the reverse proxy. Request admin

Incorrect configuration of nginx led to path restrictions bypass...

3.5 AI score
Exploits: 0
IBM Security Bulletins
added 2020/12/10 10:25 p.m. | 25 views

Security Bulletin: NGINX vulnerability CVE-2020-7621 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0

Summary: NGINX vulnerability CVE-2020-7621 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0. The fix for this set of vulnerabilities was delivered in IBM Aspera High-Speed Transfer Server V4.0.0 and IBM Aspera High-Speed Transfer Endpoint...

9.8 CVSS | 2.5 AI score | 0.02941 EPSS
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2020/12/10 10:23 p.m. | 22 views

Security Bulletin: NGINX vulnerability CVE-2020-5863 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0

Summary: NGINX vulnerability CVE-2020-5863 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0. The fix for this set of vulnerabilities was delivered in IBM Aspera High-Speed Transfer Server V4.0.0 and IBM Aspera High-Speed Transfer Endpoint...

8.6 CVSS | 2.3 AI score | 0.01122 EPSS
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2020/12/10 10:20 p.m. | 35 views

Security Bulletin: NGINX vulnerability CVE-2019-20372 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0

Summary: NGINX vulnerability CVE-2019-20372 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0. The fix for this set of vulnerabilities was delivered in IBM Aspera High-Speed Transfer Server V4.0.0 and IBM Aspera High-Speed Transfer Endpoin...

5.3 CVSS | 2 AI score | 0.14961 EPSS
Exploits: 3 | Affected Software: 1
Gitee
added 2020/12/09 3:19 p.m. | 13 views

Exploit for Out-of-bounds Write in Php

PoC exploit for CVE-2019-11043, an exploit for a bug in php-fpm. The exploit targets a vulnerability in certain nginx + php-fpm configurations, allowing a web user to execute code if the configuration is vulnerable. The exploit assumes that the nginx configuration has a location block that forwar...

9.8 CVSS | 8.3 AI score | 0.9947 EPSS
Exploits: 54
CNNVD
added 2020/12/09 12:0 a.m. | 4 views

F5 NGINX Controller Path Traversal Vulnerability

F5 NGINX Controller is a centralized monitoring and management platform for NGINX from F5. The platform supports the management of multiple NGINX instances using a visual interface. A path traversal vulnerability exists in the F5 NGINX Controller Agent, which allows an attacker to escalate...

9.8 CVSS | 7.6 AI score | 0.01693 EPSS
Exploits: 0 | References: 4
Positive Technologies
added 2020/12/08 12:0 a.m. | 4 views

PT-2020-5282 · Nginx · Nginx Controller Agent

Name of the Vulnerable Software and Affected Versions: NGINX Controller Agent versions 1.0.1, 2.0.0 through 2.9.0, 3.0.0 through 3.9.0
Description: The issue is related to the NGINX Controller Agent's failure to use absolute paths when calling system utilities, which can be exploited by a remote...

10 CVSS | 9.3 AI score | 0.01693 EPSS
Exploits: 0 | References: 15
Veracode
added 2020/12/06 4:39 a.m. | 47 views

HTTP Request Smuggling

nginx is vulnerable to HTTP request smuggling. A remote attacker is able to smuggle HTTP requests via the ngx.location.capture API...

7.5 CVSS | 1.3 AI score | 0.02599 EPSS
Exploits: 0 | References: 6 | Affected Software: 3
CBLMariner
added 2020/11/30 7:30 p.m. | 19 views

CVE-2019-20372 affecting package nginx 1.16.1-4

CVE-2019-20372 affecting package nginx 1.16.1-4. A patched version of the package is available...

5.3 CVSS | 7.5 AI score | 0.14961 EPSS
Exploits: 3
CBLMariner
added 2020/11/30 7:30 p.m. | 32 views

CVE-2009-4487 affecting package nginx 1.16.1-4

CVE-2009-4487 affecting package nginx 1.16.1-4. A patched version of the package is available...

6.8 CVSS | 7.5 AI score | 0.27008 EPSS
Exploits: 2
Kitploit
added 2020/11/26 11:30 a.m. | 276 views

Bunkerized-Nginx - Nginx Docker Image Secure By Default

nginx Docker image secure by default. Avoid the hassle of following security best practices each time you need a web server or reverse proxy. Bunkerized-nginx provides generic security configs, settings and tools so you don't need to do it yourself. Non-exhaustive list of features: HTTPS support...

6.7 AI score
Exploits: 0 | References: 7
GithubExploit
added 2020/11/18 7:25 a.m. | 163 views

Exploit for Out-of-bounds Write in Php

CVE-2019-11043 PHP-FPM Remote Code Execution Screencast: htt...

9.8 CVSS | 9 AI score | 0.9947 EPSS
Exploits: 54
Microsoft CVE
added 2020/11/17 12:0 a.m. | 8 views

nginx 0.7.64 writes data to a log file without sanitizing non-printable characters which might allow remote attackers to modify a window's title or possibly execute arbitrary commands or overwrite files via an HTTP request containing an escape sequence for a terminal emulator.

...

6.8 CVSS | 7 AI score | 0.27008 EPSS
Exploits: 2
Gitee
added 2020/11/16 1:30 p.m. | 2 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector targeted by Vulhub is not explicitly stated, but based on the provided code and metadata, it appears to be a collection of various vulnerabilities, including but not limited to, SQL...

8 AI score
Exploits: 0
Hacker One
added 2020/11/06 12:57 a.m. | 42 views

Shopify: Ability to potentially hit internal NGINX locations on *.myshopify.com by making use of the `X-Accel-Redirect` header via a configured App Proxy

By making use of the Shopify App Proxy and the X-Accel feature of NGINX, it is possible to hit any configured internal NGINX location as your current configuration is not ignoring the X-Accel-Redirect header response from an upstream service. The way it works is that NGINX allows internal...

6.8 AI score
Exploits: 0
Gitee
added 2020/11/05 6:1 p.m. | 3 views

vulhub2

It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector ...

7.9 AI score
Exploits: 0
OpenVAS
added 2020/11/05 12:0 a.m. | 16 views

nginx Information Disclosure Vulnerability (CVE-2014-3556)

nginx is prone to an information disclosure vulnerability in the SMTP proxy. Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is...

6.8 CVSS | 6.5 AI score | 0.07832 EPSS
Exploits: 0 | References: 2