CRITICAL🇵🇱 Wersja polska

CVE-2024-23827

CVSS 9.8v3.1pub. 2024-01-29upd. 2024-11-21

Nginx-UI is a web interface to manage Nginx configurations. The Import Certificate feature allows arbitrary write into the system. The feature does not check if the provided user input is a certification/key and allows to write into arbitrary paths in the system. It's possible to leverage the vulnerability into a remote code execution overwriting the config file app.ini. Version 2.0.0.beta.12 fixed the issue.

🤖 AI Analysis
How it works

The certificate import mechanism does not verify whether the provided input data is actually a certificate or cryptographic key. Lack of validation of the target path (path traversal, CWE-22) enables writing arbitrary content to any path in the file system. An attacker can overwrite the app.ini configuration file with malicious content, which consequently leads to arbitrary code execution on the server (RCE).

Impact

An unauthenticated attacker can gain full control over the server through remote code execution, and can arbitrarily read, modify, or destroy data in the system.

Mitigation & patch

Nginx-UI should be updated to version 2.0.0.beta.12 or newer, in which the issue has been fixed. Details available in vendor references (GitHub Security Advisory GHSA-xvq9-4vpv-227m).

Who is affected

Nginx-UI (authored by 0xJacky) in versions prior to 2.0.0.beta.12

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Nginxui nginx Ui

    APP
    Nginxui
    1.2.01.2.11.2.21.3.01.3.11.3.21.3.31.4.01.4.11.4.21.5.01.5.11.5.21.6.01.6.1+ 27 więcej
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEPath Traversal
CWE
References

Related vulnerabilities

CVE-2026-42238CRITICAL9.0PL ✓ten sam produkt

Nginx UI: nieuwierzytelnione RCE przez endpoint przywracania kopii zapasowej

CVE-2026-33032CRITICAL9.8PL ✓ten sam produkt

Nginx UI: nieuwierzytelniony dostęp do endpointu MCP umożliwia przejęcie serwera

CVE-2026-33026CRITICAL9.4PL ✓ten sam produkt

Nginx UI: manipulacja zaszyfrowanymi kopiami zapasowymi i wstrzyknięcie konfiguracji

CVE-2026-27944CRITICAL9.8PL ✓ten sam produkt

Nginx UI: nieuwierzytelniony dostęp do backupu z ujawnieniem kluczy szyfrowania

CVE-2026-44015HIGH8.5ten sam produkt

Nginx UI is a web user interface for the Nginx web server. In 2.3.4 and earlier, an authenticated user can per...