Roxy-WI 操作系统命令注入漏洞

Roxy-WI is an open-source web interface designed for managing Haproxy, Nginx, and Keepalived servers. Prior to version 8.2.6.4, Roxy-WI had an operating system command injection vulnerability. This vulnerability stemmed from the lack of cleanup of the words parameter provided by the...

PT-2026-34835

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 8.2.6.4 have a SQL injection vulnerability in the haproxy section save function in app/routes/config/routes.py. The server ip parameter, sourced from the URL path, is passed unsanitized throug...

Roxy-WI 安全漏洞

Roxy-WI is an open source web interface for managing Haproxy, Nginx and Keepalived servers. A security vulnerability exists in Roxy-WI versions prior to 6.3.6.0. An attacker can exploit the vulnerability to obtain information about the server...

Roxy-WI 命令注入漏洞

Roxy-WI is an open source web interface for managing Haproxy, Nginx and Keepalived servers. A command injection vulnerability exists in Roxy-WI versions prior to 6.1.1.0, which stems from the ability to remotely run system commands via the subprocessexecute function...