Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:33 a.m.10 views

CVE-2024-39935

jc21 NGINX Proxy Manager before 2.11.3 allows backend/internal/certificate.js OS command injection by an authenticated user with certificate management privileges via untrusted input to the DNS provider configuration. NOTE: this is not part of any NGINX software shipped by F5...

8.8CVSS8.9AI score0.00882EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/07/08 12:0 a.m.6 views

The vulnerability in the backend/script code of the proxy manager for NGINX Proxy Manager allows a perpetrator to execute arbitrary commands.

The vulnerability in the backend/script of the NGINX Proxy Manager for hosting management exists because measures to neutralize specific elements used in the operating system commands have not been taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...

9CVSS6AI score0.00882EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/07/04 9:15 p.m.33 views

CVE-2024-39935

jc21 NGINX Proxy Manager before 2.11.3 allows backend/internal/certificate.js OS command injection by an authenticated user with certificate management privileges via untrusted input to the DNS provider configuration. NOTE: this is not part of any NGINX software shipped by F5...

8.8CVSS0.00882EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/04 12:0 a.m.26 views

CVE-2024-39935

jc21 NGINX Proxy Manager before 2.11.3 allows backend/internal/certificate.js OS command injection by an authenticated user with certificate management privileges via untrusted input to the DNS provider configuration. NOTE: this is not part of any NGINX software shipped by F5...

0.00882EPSS
Exploits0References3
CVE
CVE
added 2024/07/04 12:0 a.m.98 views

CVE-2024-39935

CVE-2024-39935 affects jc21 NGINX Proxy Manager before 2.11.3. The vulnerability enables an authenticated user with certificate-management privileges to execute OS commands via untrusted input to the DNS provider configuration in the backend/internal/certificate.js, with potential for full impact...

8.8CVSS7.4AI score0.00882EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/28 12:0 a.m.4 views

PT-2024-4599 · Nginx · Nginx Proxy Manager

Name of the Vulnerable Software and Affected Versions: NGINX Proxy Manager versions prior to 2.11.3 Description: The issue allows an authenticated user with certificate management privileges to inject OS commands through untrusted input in the DNS provider configuration, potentially enabling remo...

9CVSS7.6AI score0.00882EPSS
Exploits0References11
Rows per page
Query Builder