Vector Strings

Severity Score: 9.8
Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9

Access Vector (AV):
Access Complexity (AC):
Authentication (AU): NONE
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Published Date: 2023-03-22
Last Modified: 2023-03-27

CVE-2023-27224

About:
An issue found in NginxProxyManager v.2.9.19 allows an attacker to execute arbitrary code via a lua script to the configuration file.

References

https://github.com/LinuxProgramDevelop/NginxProxyManagerCommandInjectVulnInfo/blob/main/Nginx_proxy_manager_Command_Inject_vulnerability.pdf
https://github.com/NginxProxyManager/nginx-proxy-manager

Related CVEs

No related CVEs.

Empower Your Security Strategy with Rainforest

Discover vulnerabilities early, prioritize critical threats, and protect what truly matters. Rainforest streamlines your security operations, saving you time and reducing costs, so you can focus on what drives your business forward.

Book a Demo