Lucene search
K
NginxuiNginx Ui

23 matches found

cve
cve
added 2024/10/21 5:4 p.m.276 views

CVE-2024-49368

CVE-2024-49368 affects Nginx UI prior to version 2.0.0-beta.36. The issue arises when configuring logrotate: unverified input is passed to exec.Command, allowing arbitrary command execution. The fixed version is 2.0.0-beta.36. This is documented across multiple sources (Red Hat, NVD, CVE lists, a...

9.8CVSS9.7AI score0.23491EPSS
cve
cve
added 2026/03/05 4:28 p.m.271 views

CVE-2026-27944

CVE-2026-27944 affects Nginx UI prior to 2.3.3, where the /api/backup endpoint is accessible without authentication. The response header X-Backup-Security leaks the AES decryption key/IV, enabling an unauthenticated attacker to download a full system backup (including credentials, tokens, SSL key...

9.8CVSS5.9AI score0.22162EPSS
In wildWeb
cve
cve
added 2024/01/11 7:38 p.m.161 views

CVE-2024-22198

CVE-2024-22198 affects Nginx-UI, a web interface for Nginx config management. The issue allows authenticated remote code execution by abusing configuration settings; the Home > Preference exposes sensitive settings (Run Mode, Jwt Secret, Node Secret, Terminal Start Command) and can be modified...

8.8CVSS8.6AI score0.04088EPSS
cve
cve
added 2024/10/21 4:24 p.m.99 views

CVE-2024-49367

CVE-2024-49367 affects Nginx UI prior to version 2.0.0-beta.36. The issue is a controllable log path that, when combined with directory traversal at the /api/configs endpoint, allows reading directories and file contents on the server. A fixed version is 2.0.0-beta.36. Connected sources confirm t...

7.5CVSS7.5AI score0.0063EPSS
cve
cve
added 2024/01/11 5:56 p.m.96 views

CVE-2024-22197

Nginx-UI is affected by an authenticated RCE/privilege escalation/Info Disclosure issue in which the API accepts test_config_cmd, reload_cmd, and restart_cmd changes, enabling command execution via CRLF. Affected product: Nginx-UI (web interface for Nginx configurations). Root cause: incomplete i...

8.8CVSS8.7AI score0.01537EPSS
cve
cve
added 2026/03/30 5:58 p.m.88 views

CVE-2026-33032

CVE-2026-33032 affects nginx-ui prior to 2.3.4. The MCP integration exposes two HTTP endpoints: /mcp (protected by AuthRequired) and /mcp_message (no authentication). The default IPWhiteList is empty, which the middleware treats as “allow all,” enabling unauthenticated MCP tool invocations (e.g.,...

9.8CVSS5.9AI score0.38477EPSS
In wildWeb
cve
cve
added 2024/01/11 7:24 p.m.79 views

CVE-2024-22196

CVE-2024-22196 affects nginx-ui (Go) where OrderAndPaginate uses user-controlled query parameters (order and sort_by via DefaultQuery) to build SQL order clauses, enabling SQL injection via crafted requests. Multiple connected sources confirm the vulnerability is exploitable through the GET /api/...

7CVSS6.2AI score0.00584EPSS
cve
cve
added 2024/01/29 4:49 p.m.78 views

CVE-2024-23828

Summary: CVE-2024-23828 affects Nginx-UI, a web interface for Nginx configuration. An authenticated attacker can achieve arbitrary command execution by abusing CRLF in configuration fields (test_config_cmd or start_cmd), due to an incomplete fix for CVE-2024-22197/22198. The issue is capped at hi...

8.8CVSS8.6AI score0.01054EPSS
cve
cve
added 2024/01/29 4:7 p.m.70 views

CVE-2024-23827

Summary of CVE-2024-23827 (Nginx-UI) Nginx-UI (github.com/0xJacky/Nginx-UI) exposes an Import Certificate feature via the API endpoint /api/cert which allows writing uploaded certificate data and keys to arbitrary filesystem paths. The write logic accepts path fields (ssl_certificate_path, ssl_ce...

9.8CVSS9.7AI score0.00699EPSS
cve
cve
added 2026/05/04 8:13 p.m.60 views

CVE-2026-42238

Nginx UI (nginx-ui) prior to version 2.3.8 exposes an unauthenticated backup restore endpoint (POST /api/restore) during the first 10 minutes after startup. An unauthenticated remote attacker can upload a crafted backup archive that overwrites app.ini and the SQLite database, allowing injection o...

9.8CVSS5.9AI score0.00764EPSS
cve
cve
added 2024/10/21 4:12 p.m.51 views

CVE-2024-49366

Nginx UI (versions up to 2.0.0-beta.35) is affected by a directory-traversal vulnerability where the UI reads a value from a JSON field without verification, enabling payloads like ../../ to write arbitrary files on the server and potentially cause permission loss. A fix is available: upgrade to ...

8.7CVSS7.5AI score0.00579EPSS
cve
cve
added 2026/05/04 8:9 p.m.43 views

CVE-2026-42221

Summary: CVE-2026-42221 affects nginx-ui versions 2.0.0 through 2.3.7, where an unauthenticated attacker can claim the initial administrator account during first-run via the public /api/install endpoint. The installation flow and public keys are not authenticated, allowing an attacker to set admi...

9.8CVSS5.8AI score0.00346EPSS
Web
cve
cve
added 2026/05/04 8:12 p.m.32 views

CVE-2026-42223

Nginx UI (nginx-ui) before version 2.3.8 exposes sensitive settings through the GetSettings API. The handler serializes all settings structs to JSON and returns them to authenticated users, while the protected:"true" tag is only enforced on writes, not reads. This leaks 40+ protected fields, incl...

6.5CVSS5.7AI score0.00295EPSS
cve
cve
added 2026/04/20 8:12 p.m.30 views

CVE-2026-33031

The CVE concerns Nginx UI prior to version 2.3.4 . A user disabled by an administrator can continue using previously issued API tokens for up to the token lifetime, allowing continued access to reading/modifying protected resources after disable. Tokens can create new accounts, so the disabled us...

8.6CVSS5.7AI score0.00274EPSS
cve
cve
added 2026/04/20 8:16 p.m.30 views

CVE-2026-34403

CVE-2026-34403 : Nginx-UI before 2.3.5 suffers Cross‑Site WebSocket Hijacking (CSWSH) due to an unsafe WebSocket upgrader that unconditionally sets CheckOrigin to true across all endpoints, enabling authenticated WebSocket connections from attacker‑controlled pages. Token authentication is stored...

8.1CVSS5.7AI score0.00176EPSS
cve
cve
added 2026/03/30 5:59 p.m.28 views

CVE-2026-33028

CVE-2026-33028 affects Nginx UI, prior to version 2.3.4. The issue is a race condition caused by a lack of synchronization (mutex) and non-atomic writes to the primary configuration file (app.ini), leading to persistent DoS and a non-deterministic path for potential RCE via configuration cross-co...

7.5CVSS5.9AI score0.00534EPSS
cve
cve
added 2026/03/30 5:58 p.m.28 views

CVE-2026-33030

CVE-2026-33030 affects nginx-ui up to version 2.3.3. An Insecure Direct Object Reference (IDOR) vulnerability allows any authenticated user to access, modify, or delete resources owned by other users due to lack of user ownership checks in the base model and endpoints. Some sources (GHSA/OSV) add...

9.9CVSS5.9AI score0.0028EPSS
cve
cve
added 2026/05/04 8:11 p.m.23 views

CVE-2026-42222

CVE-2026-42222 (nginx-ui 2.3.5) describes an unauthenticated bootstrap takeover during the initial installation window exposed by POST /api/install. The issue allows a remote attacker to submit attacker-chosen bootstrap data and gain full unauthenticated administrative control on a fresh, uniniti...

9.8CVSS5.8AI score0.00339EPSS
cve
cve
added 2026/05/04 8:8 p.m.22 views

CVE-2026-42220

Nginx UI (nginx-ui) prior to version 2.3.8 exposes a vulnerability where an authenticated user can call GET /api/settings to retrieve sensitive values, including node.secret. The node.secret is accepted by AuthRequired() via the X-Node-Secret header (or node_secret query parameter), allowing the ...

6.5CVSS5.7AI score0.00299EPSS
Web
cve
cve
added 2026/03/30 5:59 p.m.21 views

CVE-2026-33029

CVE-2026-33029 affects Nginx UI (web UI for Nginx). An input validation flaw in the logrotate configuration allows an authenticated user to submit a negative integer for the rotation interval, causing the backend to enter an infinite loop or invalid state and rendering the UI unresponsive (DoS). ...

6.9CVSS5.8AI score0.00948EPSS
cve
cve
added 2026/05/12 8:49 p.m.19 views

CVE-2026-44015

CVE-2026-44015 describes SSRF in Nginx UI prior to 2.3.5 where an authenticated user can create a cluster node with an internal URL and trigger the Proxy middleware to forward requests using the X-Node-ID header, bypassing network segmentation and reaching localhost/internal services (including c...

9.9CVSS5.9AI score0.00318EPSS
cve
cve
added 2026/03/30 5:59 p.m.18 views

CVE-2026-33027

Nginx UI (the web UI for Nginx) prior to version 2.3.4 is affected by improper handling of URL-encoded traversal sequences. When crafted paths are provided, the backend resolves them to the base Nginx configuration directory and can operate on the base directory (/etc/nginx). An authenticated use...

6.9CVSS5.8AI score0.00397EPSS
cve
cve
added 2026/03/30 7:26 p.m.17 views

CVE-2026-33026

The connected advisory GHSA-FHH2-GG7W-GWPQ describes a vulnerability in nginx-ui (application version v2.3.3 ) where the backup/restore mechanism is vulnerable to tampering. The backup format encrypts files and stores hashes encrypted with the same key given to the client, creating a circular tru...

9.4CVSS5.8AI score0.00328EPSS