{ "id": "CVE-2024-49368", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-21T17:15:03.960", "lastModified": "2024-11-06T18:28:54.440", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, when Nginx UI configures logrotate, it does not verify the input and directly passes it to exec.Command, causing arbitrary command execution. Version 2.0.0-beta.36 fixes this issue." }, { "lang": "es", "value": "Nginx UI es una interfaz de usuario web para el servidor web Nginx. Antes de la versi\u00f3n 2.0.0-beta.36, cuando Nginx UI configura logrotate, no verifica la entrada y la pasa directamente a exec.Command, lo que provoca la ejecuci\u00f3n arbitraria de comandos. La versi\u00f3n 2.0.0-beta.36 corrige este problema." } ], "metrics": { "cvssMetricV40": [ { "source": "security-advisories@github.com", "type": "Secondary", "cvssData": { "version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 8.9, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "HIGH", "vulnerableSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "subsequentSystemAvailability": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirements": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "safety": "NOT_DEFINED", "automatable": "NOT_DEFINED", "recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED" } } ], "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } ] }, "weaknesses": [ { "source": "security-advisories@github.com", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-20" } ] }, { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.9.9-4", "matchCriteriaId": "22A77A87-A811-4F69-A383-D7B7E5A4F3C2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "3C287A7F-66B4-406A-B87B-B954A1CA6D44" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta10:*:*:*:*:*:*", "matchCriteriaId": "D684FFEF-4451-49ED-A04D-CF74F45A2F40" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta10_patch:*:*:*:*:*:*", "matchCriteriaId": "D5984B3A-40C9-4188-976C-E9EB166FA624" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta11:*:*:*:*:*:*", "matchCriteriaId": "EDE74B22-31D1-41D1-A5DD-DB4AAA7A7984" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta12:*:*:*:*:*:*", "matchCriteriaId": "B99C6CCE-C042-4AB1-9D47-2DFE59851BE1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta13:*:*:*:*:*:*", "matchCriteriaId": "B484B49F-B83F-4E9F-BE87-059D7FE3BD51" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta13-patch:*:*:*:*:*:*", "matchCriteriaId": "D61FFDC5-D5DE-4608-A303-2A804D25200F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta14:*:*:*:*:*:*", "matchCriteriaId": "56799738-9FD4-41EC-B259-3273165DE071" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta15:*:*:*:*:*:*", "matchCriteriaId": "B7CBB875-B2B8-473B-9F89-8CE4EF93819C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta16:*:*:*:*:*:*", "matchCriteriaId": "B48C61F6-EE8C-4DA4-B2F1-58345C2A1507" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta17:*:*:*:*:*:*", "matchCriteriaId": "96DB1BA6-5BA0-4E54-B32B-C7B789A8C25C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta18:*:*:*:*:*:*", "matchCriteriaId": "7FB8C798-E100-4290-8341-174F3E5B7C6A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta18-patch1:*:*:*:*:*:*", "matchCriteriaId": "5E5F4274-4644-447B-9082-5F9491FD9D12" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta18-patch2:*:*:*:*:*:*", "matchCriteriaId": "4DF6E94E-E7DE-410B-AE2A-371D7FFFAB07" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta19:*:*:*:*:*:*", "matchCriteriaId": "3715D4C4-C7E1-4B1D-8D06-2256065010A2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "25DD91AC-465B-4A43-A79F-4DE47243741C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta20:*:*:*:*:*:*", "matchCriteriaId": "2ED9DDCE-D3CE-4F8C-AEC8-E8632BC8F2EF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta21:*:*:*:*:*:*", "matchCriteriaId": "7DE84C54-309D-4A91-9597-B09EF587B2EF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta22:*:*:*:*:*:*", "matchCriteriaId": "F81DFE2E-33CF-4ED6-B1F3-8DF059418AE2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta23:*:*:*:*:*:*", "matchCriteriaId": "F6ADBCF5-1898-4B98-9F78-B9CE03E319DA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta23-patch1:*:*:*:*:*:*", "matchCriteriaId": "F29790DF-EF6C-4C78-8479-8C2155685156" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta23-ptach2:*:*:*:*:*:*", "matchCriteriaId": "70EBD5F7-DC32-4534-9F0B-10D0B8629CEF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta24:*:*:*:*:*:*", "matchCriteriaId": "2CABC38D-7F44-4501-9889-125B988682A7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta25:*:*:*:*:*:*", "matchCriteriaId": "5A7219E9-21D1-4F39-AC78-155468E48F06" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta25-patch1:*:*:*:*:*:*", "matchCriteriaId": "A5526972-5733-4F85-8208-F66BAA73ADA1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta25-ptach2:*:*:*:*:*:*", "matchCriteriaId": "D3B74576-733E-4C21-A0A1-B03B5F6CB58E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta27:*:*:*:*:*:*", "matchCriteriaId": "8F947576-8B6B-40BA-A2A7-DF21A5501033" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta28:*:*:*:*:*:*", "matchCriteriaId": "091FA173-5470-45B7-BBED-7DF06B5646F0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta29:*:*:*:*:*:*", "matchCriteriaId": "08052F6C-9D02-4EF3-BF93-EF4A16AD53FC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "115588C7-D947-4576-9E6C-B5AF1FCE9A29" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta30:*:*:*:*:*:*", "matchCriteriaId": "432993A8-AAC1-4245-A0F1-BADED990EF01" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta31:*:*:*:*:*:*", "matchCriteriaId": "3C29B365-6A28-4E28-BA04-FA2158E3A6B2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta32:*:*:*:*:*:*", "matchCriteriaId": "ED82D9C5-837C-4258-A7A1-1FA8CB6E13CC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta32-patch1:*:*:*:*:*:*", "matchCriteriaId": "142C0FD2-7B0A-48D5-BF2D-62790C20444C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta33:*:*:*:*:*:*", "matchCriteriaId": "202A862C-BE02-4716-9A9B-A779678C5A6B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta34:*:*:*:*:*:*", "matchCriteriaId": "DDB5ACE0-6911-4AFE-A5FB-ED5EC67F38A5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta35:*:*:*:*:*:*", "matchCriteriaId": "6D67DDA9-8946-40EB-83B0-93AE3E31E310" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "BBB20EA3-F3CF-42AF-A217-D5DF7A7ADD70" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta4_patch:*:*:*:*:*:*", "matchCriteriaId": "81A6C732-FBF2-44A8-B810-456E54B59A09" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta5:*:*:*:*:*:*", "matchCriteriaId": "8C5664E5-150E-4B4B-BA0C-420738820FF1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta5_patch:*:*:*:*:*:*", "matchCriteriaId": "7E764AA1-3060-441F-8F14-ADD165316741" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6:*:*:*:*:*:*", "matchCriteriaId": "04A3E84F-91AA-420A-B908-3393E037AC44" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6_patch:*:*:*:*:*:*", "matchCriteriaId": "828EAE87-24E5-4F31-B301-BA2F96BDEA42" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6_patch2:*:*:*:*:*:*", "matchCriteriaId": "45710D36-954A-4450-B622-CB0F368DF544" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta7:*:*:*:*:*:*", "matchCriteriaId": "2B57EEFB-5518-4BD5-998A-34B6690A6F4C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta8:*:*:*:*:*:*", "matchCriteriaId": "8EDF4CEE-F24D-441B-92A8-7F5A2B41487E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta8_patch:*:*:*:*:*:*", "matchCriteriaId": "F0275FDF-BAE8-4909-8991-6FCE34B8905E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta9:*:*:*:*:*:*", "matchCriteriaId": "B52F973F-A2F2-40C2-9936-9447B5803CFB" } ] } ] } ], "references": [ { "url": "https://github.com/0xJacky/nginx-ui/releases/tag/v2.0.0-beta.36", "source": "security-advisories@github.com", "tags": [ "Release Notes" ] }, { "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-66m6-27r9-77vm", "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ] } ] }