Nginx Proxy Manager Security Vulnerabilities and Issues — Nginx Proxy Manager CVE List

Lucene search

Jc21Nginx Proxy Manager

3 matches found

CVE•added 2024/09/27 6:15 p.m.•65 views

CVE-2024-46257

A Command injection vulnerability in requestLetsEncryptSslWithDnsChallenge in NginxProxyManager 2.11.3 allows an attacker to achieve remote code execution via Add Let's Encrypt Certificate. NOTE: this is not part of any NGINX software shipped by F5.

6.3CVSS8.1AI score0.00409EPSS

CVE•added 2024/09/27 6:15 p.m.•62 views

CVE-2024-46256

A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an attacker to RCE via Add Let's Encrypt Certificate.

9.8CVSS7.1AI score0.4165EPSS

CVE•added 2024/07/04 9:15 p.m.•55 views

CVE-2024-39935

jc21 NGINX Proxy Manager before 2.11.3 allows backend/internal/certificate.js OS command injection by an authenticated user (with certificate management privileges) via untrusted input to the DNS provider configuration. NOTE: this is not part of any NGINX software shipped by F5.

8.8CVSS7.4AI score0.01386EPSS