CVE-2024-22197: Improper Neutralization of Special Elements used in a Command ('Command Injection')
Nginx-ui provides online statistics for server indicators, monitoring CPU usage, memory usage, load average, and disk usage in real time. The Home > Preference page exposes a small list of nginx settings such as Nginx Access Log Path and Nginx Error Log Path. However, the API also exposes test_config_cmd, reload_cmd and restart_cmd. While the UI does not allow users to modify any of these settings, it is possible to do so by sending a request directly to the API. This issue may lead to authenticated Remote Code Execution, Privilege Escalation, and Information Disclosure. This issue has been patched in version 2.0.0.beta.9.
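The root cause described above is that the settings endpoint accepted every field of the settings object from the request body, including the three command strings the server later executes. The following Go example, written for this page and not taken from nginx-ui's code base, shows the defensive pattern the fix needs: decode the request into a map, compare the keys against an explicit allowlist of client-mutable settings, fail closed on anything else, and carry the server-controlled *_cmd values over untouched. The struct, JSON key names, sample values and the absolute-path rule are assumptions for this illustration.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"path/filepath"
	"sort"
)

// NginxSettings mirrors the settings the advisory describes: the two log
// paths are shown in the UI, while test_config_cmd, reload_cmd and
// restart_cmd decide which program the server executes. Field and JSON
// names here are assumptions for this example, not nginx-ui's own types.
type NginxSettings struct {
	AccessLogPath string `json:"access_log_path"`
	ErrorLogPath  string `json:"error_log_path"`
	TestConfigCmd string `json:"test_config_cmd"`
	ReloadCmd     string `json:"reload_cmd"`
	RestartCmd    string `json:"restart_cmd"`
}

// clientMutable is the allowlist of JSON keys a request may change.
// Anything else, in particular the *_cmd keys, is server-controlled.
var clientMutable = map[string]bool{
	"access_log_path": true,
	"error_log_path":  true,
}

// ErrForbiddenField is returned when a request names a key outside the allowlist.
var ErrForbiddenField = errors.New("request attempted to set a server-controlled setting")

// ApplySettingsUpdate decodes the body into a map first so that unknown and
// forbidden keys are visible, rejects the whole request if any key is outside
// the allowlist, and only then copies the permitted values onto a copy of the
// current settings. The rejected key names are returned for audit logging.
func ApplySettingsUpdate(current NginxSettings, body []byte) (NginxSettings, []string, error) {
	var incoming map[string]json.RawMessage
	if err := json.Unmarshal(body, &incoming); err != nil {
		return current, nil, fmt.Errorf("invalid JSON: %w", err)
	}

	var rejected []string
	for key := range incoming {
		if !clientMutable[key] {
			rejected = append(rejected, key)
		}
	}
	sort.Strings(rejected)
	if len(rejected) > 0 {
		// Fail closed: do not silently drop the forbidden keys and apply the
		// rest, since that would hide probing of the endpoint from the operator.
		return current, rejected, ErrForbiddenField
	}

	updated := current // value copy; the *_cmd fields are carried over untouched
	for key, raw := range incoming {
		var path string
		if err := json.Unmarshal(raw, &path); err != nil {
			return current, nil, fmt.Errorf("%s must be a string: %w", key, err)
		}
		// A log path must be absolute so it cannot resolve relative to the
		// working directory of the service (an assumption for this example).
		if !filepath.IsAbs(path) {
			return current, nil, fmt.Errorf("%s must be an absolute path", key)
		}
		switch key {
		case "access_log_path":
			updated.AccessLogPath = path
		case "error_log_path":
			updated.ErrorLogPath = path
		}
	}
	return updated, nil, nil
}

func main() {
	// Constructed sample state and request bodies for the demonstration.
	current := NginxSettings{
		AccessLogPath: "/var/log/nginx/access.log",
		ErrorLogPath:  "/var/log/nginx/error.log",
		TestConfigCmd: "nginx -t",
		ReloadCmd:     "nginx -s reload",
		RestartCmd:    "systemctl restart nginx",
	}
	benign := []byte(`{"access_log_path":"/srv/logs/access.log"}`)
	probing := []byte(`{"error_log_path":"/srv/logs/error.log","reload_cmd":"<untrusted value>"}`)

	for _, body := range [][]byte{benign, probing} {
		updated, rejected, err := ApplySettingsUpdate(current, body)
		if err != nil {
			// In a real handler this line goes to the audit log with the caller's identity.
			fmt.Printf("rejected request: %v (keys: %v)\n", err, rejected)
			continue
		}
		fmt.Printf("applied: access=%s error=%s reload_cmd unchanged=%q\n",
			updated.AccessLogPath, updated.ErrorLogPath, updated.ReloadCmd)
	}
}
```

Decoding into a map rather than straight into the struct is the important design choice: unmarshalling the body directly into NginxSettings is exactly what lets a client populate reload_cmd, and Go's decoder gives no signal that it happened. Returning the rejected key names also gives a detection hook, since an authenticated account repeatedly sending *_cmd keys is worth an alert regardless of whether the request succeeded.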
References
- github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/system/router.go
- github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/system/settings.go
- github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/router/middleware.go
- github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3
- github.com/0xJacky/nginx-ui/security/advisories/GHSA-pxmr-q2x3-9x9m
- github.com/advisories/GHSA-pxmr-q2x3-9x9m
- nvd.nist.gov/vuln/detail/CVE-2024-22197