RCE in 0xjacky Nginx-ui
CVE-2024-22198
Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. The `Home > Preference` page exposes a list of system settings such as `Run Mode`, `Jwt Secr…
Vulnerability class: Command Injection (OS Command Injection)
EPSS: 0.160 (94.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L.
Affected products
- 0xjacky Nginx-ui — versions < 2.0.0.beta.9
Weakness classification (CWE)
Public proof-of-concept exploits
References
- https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-8r25-68wm-jw35 (x_refsource_CONFIRM)
- https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3 (x_refsource_MISC)
- https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/system/settings.go#L18 (x_refsource_MISC)
- https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/terminal/pty.go#L11 (x_refsource_MISC)
- https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/internal/pty/pipeline.go#L29 (x_refsource_MISC)
- https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/router/middleware.go#L45 (x_refsource_MISC)
- https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/settings/server.go#L12 (x_refsource_MISC)
Frequently asked questions
- What is CVE-2024-22198?
- CVE-2024-22198 is a high-severity vulnerability in 0xjacky Nginx-ui, classified under Command Injection. CVSS score: 7.1/10. Published 2024-01-11.
- How severe is CVE-2024-22198?
- High severity. CVSS v3 base score is 7.1 out of 10.
- Is CVE-2024-22198 known to be exploited?
- 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.