4 matches found
CVE-2024-22197
creationtimestamp| type| source ---|---|--- 2024-01-11 19:37:34+00:00| seen| https://t.me/ctinow/166761 2024-01-18 23:16:52+00:00| seen| https://t.me/ctinow/169978 2024-01-30 16:51:35+00:00| seen| https://t.me/ctinow/176068 2024-02-12 11:59:05+00:00| seen| https://t.me/cyberdenteam/493 2026-07-06...
CVE-2024-22197
Nginx-ui is online statistics for Server Indicators Monitor CPU usage, memory usage, load average, and disk usage in real-time. The Home Preference page exposes a small list of nginx settings such as Nginx Access Log Path and Nginx Error Log Path. However, the API also exposes testconfigcmd,...
CVE-2024-22197 Authenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269)
Nginx-ui is online statistics for Server Indicators Monitor CPU usage, memory usage, load average, and disk usage in real-time. The Home Preference page exposes a small list of nginx settings such as Nginx Access Log Path and Nginx Error Log Path. However, the API also exposes testconfigcmd,...
CVE-2024-22197
Nginx-UI is affected by an authenticated RCE/privilege escalation/Info Disclosure issue in which the API accepts test_config_cmd, reload_cmd, and restart_cmd changes, enabling command execution via CRLF. Affected product: Nginx-UI (web interface for Nginx configurations). Root cause: incomplete i...