Platform: go
Component: github.com/0xjacky/nginx-ui
Fixed in: 2.3.5, 1.9.10
CVE-2026-33026 describes a critical vulnerability in the backup and restore functionality of the Nginx-UI project. An attacker can tamper with an encrypted backup without the modification being detected, which can lead to unauthorized access and system compromise once that backup is restored. Versions of Nginx-UI prior to 2.3.4 are affected; a patched release is available.
The root cause is in how Nginx-UI handles encrypted backups: encryption hides the contents of the backup, but nothing on the restore path verifies that the ciphertext is unmodified, so an attacker with write access to a backup file can alter it without detection. Because the restore step trusts the decrypted contents, a tampered backup becomes an injection channel: the attacker can plant a malicious Nginx configuration, insert backdoors, or alter data stored in the Nginx-UI environment. The precondition is write access to a backup that an administrator later restores (for example, a backup kept on shared or poorly protected storage), not unauthenticated network access. The impact is significant because it undermines the integrity of the backup and recovery procedure itself, a core part of disaster recovery and of the overall security posture; successful exploitation could lead to full takeover of the managed host and data exfiltration. The practical lesson is the general one: encryption without authentication does not give integrity, and a restore path must reject anything it cannot authenticate.
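To make the failure mode concrete, the following Go program is an added example written for this page; it is not Nginx-UI code and does not reproduce the project's actual backup format, which the page does not describe. It seals the same constructed Nginx access rule two ways: with a hypothetical unauthenticated scheme (random IV plus AES-256-CTR) and with AES-256-GCM. One ciphertext byte is flipped in each copy. The CTR copy decrypts without error to a widened `allow` rule, which is the class of tampering the advisory describes; the GCM copy fails closed. The key, the config line and the format are all constructed for the demo.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// Hypothetical unauthenticated backup format, constructed for this demo only:
// 16-byte random IV || AES-256-CTR(plaintext). Nothing binds the ciphertext
// to the key, so flipping a ciphertext bit flips the same plaintext bit.
func sealCTR(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	iv := make([]byte, aes.BlockSize)
	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
		return nil, err
	}
	out := make([]byte, len(plaintext))
	cipher.NewCTR(block, iv).XORKeyStream(out, plaintext)
	return append(iv, out...), nil
}

func openCTR(key, blob []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < aes.BlockSize {
		return nil, errors.New("blob too short")
	}
	iv, ct := blob[:aes.BlockSize], blob[aes.BlockSize:]
	out := make([]byte, len(ct))
	cipher.NewCTR(block, iv).XORKeyStream(out, ct) // decrypts silently; no integrity check
	return out, nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Authenticated alternative: 12-byte nonce || AES-256-GCM ciphertext+tag.
// Open fails on any modified byte of nonce, ciphertext or tag.
func sealGCM(key, plaintext []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

func openGCM(key, blob []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < aead.NonceSize() {
		return nil, errors.New("blob too short")
	}
	return aead.Open(nil, blob[:aead.NonceSize()], blob[aead.NonceSize():], nil)
}

// flipByte XORs mask into the ciphertext byte at off (counted after the
// hdrLen-byte IV/nonce prefix) and returns the tampered copy.
func flipByte(blob []byte, hdrLen, off int, mask byte) []byte {
	t := append([]byte(nil), blob...)
	t[hdrLen+off] ^= mask
	return t
}

// TamperDemo seals a constructed access rule both ways, flips the byte holding
// the prefix length in "allow 10.0.0.0/8", and returns what the CTR copy now
// decrypts to plus the error the GCM copy reports for the same flip.
func TamperDemo() (ctrPlain string, gcmErr error, err error) {
	key := sha256.Sum256([]byte("demo-backup-key")) // constructed demo key
	orig := []byte("allow 10.0.0.0/8;\ndeny all;\n")
	off := bytes.IndexByte(orig, '/') + 1 // the '8' in "/8"
	mask := byte('8' ^ '0')              // turns "/8" into "/0"

	ctrBlob, err := sealCTR(key[:], orig)
	if err != nil {
		return "", nil, err
	}
	got, err := openCTR(key[:], flipByte(ctrBlob, aes.BlockSize, off, mask))
	if err != nil {
		return "", nil, err
	}
	gcmBlob, err := sealGCM(key[:], orig)
	if err != nil {
		return "", nil, err
	}
	_, gcmErr = openGCM(key[:], flipByte(gcmBlob, 12, off, mask))
	return string(got), gcmErr, nil
}

func main() {
	ctrPlain, gcmErr, err := TamperDemo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("CTR restore accepted tampered backup: %q\n", ctrPlain)
	fmt.Printf("GCM restore rejected it: %v\n", gcmErr)
}
```

The point of the example is the asymmetry: the unauthenticated copy yields a syntactically valid, more permissive rule with no error anywhere, so a restore routine built on it has no signal to act on. An AEAD (or an HMAC over the ciphertext, verified before decryption) gives the restore path a reason to refuse.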
CVE-2026-33026 was publicly disclosed on 2026-04-02. As of that date there are no publicly available proof-of-concept exploits. The EPSS score is 0.01% (2nd percentile), a low predicted probability of exploitation in the wild; EPSS reflects observed exploitation signals rather than severity, so the critical rating does not raise it on its own. The vulnerability is not currently listed in the CISA KEV catalog.
Organizations that use Nginx-UI to manage their Nginx configurations are at risk, particularly those that rely on its backup and restore functionality for disaster recovery. Multi-tenant deployments in which several administrators share one Nginx-UI instance are especially exposed, since an attacker who can write to the shared backup location could tamper with backups belonging to other tenants.
• go / server: enumerate backup files and record their digests so later changes can be detected (adjust the path and file pattern to your installation):
  find /opt/nginx-ui/ -name '*.bak' -type f -print0 | xargs -0 sha256sum
• go / server: watch the service log for restore activity:
  journalctl -u nginx-ui -f | grep "backup_restore"
• generic web: check the Nginx-UI configuration for any unusual or unexpected settings related to backup locations or encryption keys.
Disclosure: 2026-04-02
Exploit status: no public proof-of-concept known
EPSS: 0.01% (2nd percentile)
CISA SSVC: none listed
The primary mitigation is to upgrade Nginx-UI to version 2.3.4 or later, which fixes the backup tampering vulnerability. If upgrading is not immediately feasible, restrict write access to the backup directory to authorized personnel only, and keep backups (or at least the digests recorded when they were created) on storage the Nginx-UI host cannot modify. Apply file integrity monitoring to the backup files and treat any mismatch against the recorded digests as a reason not to restore until the change is explained. A WAF or reverse proxy cannot prevent this vulnerability, since the tampering happens on stored files rather than in HTTP traffic, but it can be used to monitor and alert on requests that trigger backup or restore operations.
Upgrade nginx-ui to version 2.3.4 or later. This version fixes the vulnerability that allows tampering with encrypted backups and injecting malicious configurations during restore.
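The integrity-monitoring step above is easy to get wrong if the baseline lives next to the files it protects. The following Go program is an added example for this page, not Nginx-UI code: it hashes every regular file under a directory, emits the result as a baseline to store off-host, and on a later run reports files added, removed or changed since that baseline, exiting non-zero so a restore script can refuse to proceed. The directory layout and the `.bak` names in the usage note are assumptions; point it at whatever directory your installation writes backups to.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"io"
	"io/fs"
	"os"
	"path/filepath"
	"sort"
)

// HashTree returns relative path -> hex SHA-256 for every regular file under
// root. Symlinks are neither followed nor hashed: a link dropped in place of a
// backup shows up as a removed file, which is exactly what we want to notice.
func HashTree(root string) (map[string]string, error) {
	sums := make(map[string]string)
	err := filepath.WalkDir(root, func(p string, d fs.DirEntry, walkErr error) error {
		if walkErr != nil {
			return walkErr
		}
		if !d.Type().IsRegular() {
			return nil
		}
		f, err := os.Open(p)
		if err != nil {
			return err
		}
		defer f.Close()
		h := sha256.New()
		if _, err := io.Copy(h, f); err != nil {
			return err
		}
		rel, err := filepath.Rel(root, p)
		if err != nil {
			return err
		}
		sums[filepath.ToSlash(rel)] = hex.EncodeToString(h.Sum(nil))
		return nil
	})
	return sums, err
}

// Diff compares a baseline recorded at backup time with a fresh scan taken
// before restore. Any non-empty result means the backup set is not what was
// written and must not be restored without investigation.
func Diff(baseline, current map[string]string) (added, removed, changed []string) {
	for p, sum := range current {
		old, ok := baseline[p]
		switch {
		case !ok:
			added = append(added, p)
		case old != sum:
			changed = append(changed, p)
		}
	}
	for p := range baseline {
		if _, ok := current[p]; !ok {
			removed = append(removed, p)
		}
	}
	sort.Strings(added)
	sort.Strings(removed)
	sort.Strings(changed)
	return added, removed, changed
}

// Usage (assumed layout): fim /opt/nginx-ui/backups > baseline.json   (store off-host)
//                         fim /opt/nginx-ui/backups baseline.json      (verify before restore)
func main() {
	if len(os.Args) < 2 {
		fmt.Fprintln(os.Stderr, "usage: fim <dir> [baseline.json]")
		os.Exit(2)
	}
	cur, err := HashTree(os.Args[1])
	if err != nil {
		panic(err)
	}
	if len(os.Args) == 2 {
		json.NewEncoder(os.Stdout).Encode(cur)
		return
	}
	raw, err := os.ReadFile(os.Args[2])
	if err != nil {
		panic(err)
	}
	var base map[string]string
	if err := json.Unmarshal(raw, &base); err != nil {
		panic(err)
	}
	added, removed, changed := Diff(base, cur)
	fmt.Printf("added=%v removed=%v changed=%v\n", added, removed, changed)
	if len(added)+len(removed)+len(changed) > 0 {
		os.Exit(1) // non-zero so a restore script can refuse to proceed
	}
}
```

Generate the baseline immediately after the backup is written and copy it to a host the Nginx-UI server cannot write to; a baseline the attacker can update alongside the backup detects nothing. Running the comparison as the gate in front of any restore turns the page's "strict file integrity monitoring" advice into an enforced check rather than an alert someone may miss.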
CVE-2026-33026 is a critical vulnerability in Nginx-UI versions before 2.3.4 that allows attackers to tamper with encrypted backups, potentially leading to unauthorized access and system compromise.
You are affected if you are using Nginx-UI versions prior to 2.3.4. Upgrade to the latest version to mitigate the risk.
Upgrade Nginx-UI to version 2.3.4 or later. This version includes a fix that addresses the backup tampering vulnerability.
As of the disclosure date (2026-04-02) there are no publicly available proof-of-concept exploits, but the critical severity warrants prompt attention.
Refer to the official Nginx-UI project repository and release notes for the latest advisory and update information.