Lucene search
K

5 matches found

NVD
NVD
added 2026/06/10 4:17 p.m.13 views

CVE-2026-45569

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, ommit d4d10006 "Expand validation to block .. in configfilename and configver for improved security" added a line in app/modules/config/config.py:462. This is tuple-membership, no...

8.1CVSS0.00316EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/10 3:38 p.m.8 views

CVE-2026-45569 Roxy-WI: Path-traversal patch in commit d4d10006 is a no-op (tuple-membership bug)

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, ommit d4d10006 "Expand validation to block .. in configfilename and configver for improved security" added a line in app/modules/config/config.py:462. This is tuple-membership, no...

8.1CVSS5.5AI score0.00316EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/10 3:38 p.m.29 views

CVE-2026-45569 Roxy-WI: Path-traversal patch in commit d4d10006 is a no-op (tuple-membership bug)

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, ommit d4d10006 "Expand validation to block .. in configfilename and configver for improved security" added a line in app/modules/config/config.py:462. This is tuple-membership, no...

8.1CVSS0.00316EPSS
Exploits0References2
CVE
CVE
added 2026/06/10 3:38 p.m.21 views

CVE-2026-45569

Roxy-WI path-traversal patch in commit d4d10006 uses a tuple-membership check, which can bypass common ../../ payloads; no publicly available patches yet.

8.1CVSS5.5AI score0.00316EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.14 views

PT-2026-48460

Name of the Vulnerable Software and Affected Versions Roxy-WI versions prior to 8.2.6.5 Description A path-traversal issue exists in the web interface used for managing Haproxy, Nginx, Apache, and Keepalived servers. A security check implemented in the config.py file within the app/modules/config...

8.1CVSS5.2AI score0.00316EPSS
Exploits0References4
Rows per page
Query Builder