CVE-2024-23827
- EPSS 0.7%
- Veröffentlicht 29.01.2024 16:15:09
- Zuletzt bearbeitet 21.11.2024 08:58:30
Nginx-UI is a web interface to manage Nginx configurations. The Import Certificate feature allows arbitrary write into the system. The feature does not check if the provided user input is a certification/key and allows to write into arbitrary paths i...
CVE-2024-22198
- EPSS 4.09%
- Veröffentlicht 11.01.2024 20:15:45
- Zuletzt bearbeitet 21.11.2024 08:55:46
Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. The `Home > Preference` page exposes a list of system settings such as `Run Mode`, `Jwt Secret`, `Node ...
CVE-2024-22196
- EPSS 0.58%
- Veröffentlicht 11.01.2024 20:15:44
- Zuletzt bearbeitet 21.11.2024 08:55:46
Nginx-UI is an online statistics for Server Indicators Monitor CPU usage, memory usage, load average, and disk usage in real-time. This issue may lead to information disclosure. By using `DefaultQuery`, the `"desc"` and `"id"` values are used as de...
CVE-2024-22197
- EPSS 1.54%
- Veröffentlicht 11.01.2024 18:15:45
- Zuletzt bearbeitet 21.11.2024 08:55:46
Nginx-ui is online statistics for Server Indicators Monitor CPU usage, memory usage, load average, and disk usage in real-time. The `Home > Preference` page exposes a small list of nginx settings such as `Nginx Access Log Path` and `Nginx Error Log...