Platform
nginx
Component
nginx-ui
Fixed in
2.0.1
CVE-2024-23827 is a critical vulnerability affecting Nginx-UI versions up to 2.0.0.beta.12. It allows arbitrary file writes: an attacker can choose where on the system a file is written, and overwriting the app.ini configuration file can lead to remote code execution. A fix was released in version 2.0.0.beta.12.
The Import Certificate feature in Nginx-UI lacks proper input validation, so its intended security checks can be bypassed. By submitting input that is not a valid certificate or key, an attacker can specify an arbitrary file path to write to, which directly allows overwriting critical configuration files such as app.ini. Successful exploitation lets the attacker execute arbitrary code on the server, compromising the entire Nginx-UI instance and potentially the underlying system; the impact is severe, up to complete system takeover.
This vulnerability has been publicly disclosed and is rated critical because of the potential for remote code execution. No active exploitation campaigns had been publicly reported as of this writing, but the ease of exploitation and the severity of the flaw suggest a high probability of exploitation. There is no KEV listing at the time of writing, and public proof-of-concept exploits are likely to emerge.
Organizations using Nginx-UI to manage their Nginx configurations are at risk, particularly those running older versions (≤ 2.0.0.beta.12). Shared hosting environments where multiple users have access to the Nginx-UI interface are especially vulnerable, as a compromised user account could be leveraged to exploit this vulnerability.
• linux / server: Monitor Nginx access logs for requests to the /import-certificate endpoint with unusual file paths in the POST data. Use grep to search for patterns like /etc/nginx/ or /var/www/:
  grep -E 'import-certificate.*(/etc/nginx/|/var/www/)' access.log
• generic web: Use curl to test the import-certificate endpoint with a crafted payload containing an absolute path, and check the response for any sign of file creation or modification:
  curl -X POST -d 'certificate=evil.txt;/etc/nginx/nginx.conf' http://your-nginx-ui/import-certificate
• nginx: Examine the Nginx configuration for unusual directives or modifications that might indicate a successful exploit. Use nginx -T to dump and test the configuration and identify potential issues.
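As an added defender-side example (not code from this page or from the Nginx-UI project), the Go program below applies the first detection idea above to nginx access-log lines: it parses the default combined log format and flags POST requests to the certificate import endpoint, as well as any request URI that carries a server path such as /etc/nginx/ or /var/www/. The endpoint name import-certificate comes from this page; the exact route used by a given Nginx-UI build is an assumption, and the sample log lines are constructed for the example.

```go
package main

import (
	"bufio"
	"fmt"
	"regexp"
	"strings"
)

// Finding is one suspicious access-log line together with the rule that fired.
type Finding struct {
	Client string
	Method string
	Path   string
	Reason string
}

// combinedLine matches nginx's default "combined" log_format:
// remote_addr - remote_user [time_local] "method uri proto" status bytes "referer" "user_agent"
var combinedLine = regexp.MustCompile(
	`^(\S+) \S+ \S+ \[([^\]]+)\] "([A-Z]+) (\S+) [^"]*" (\d{3}) \S+ "([^"]*)" "([^"]*)"$`)

// importEndpoint is the endpoint named in the advisory text; the exact route
// prefix used by a given Nginx-UI build is an assumption of this example.
const importEndpoint = "import-certificate"

// sensitivePrefixes are the server paths the advisory suggests grepping for.
var sensitivePrefixes = []string{"/etc/nginx/", "/var/www/"}

// classify returns the reason a request is suspicious, or "" if it is not.
func classify(method, uri string) string {
	toImport := method == "POST" && strings.Contains(uri, importEndpoint)
	for _, p := range sensitivePrefixes {
		if strings.Contains(uri, p) {
			if toImport {
				return "POST to certificate import endpoint carrying server path " + p
			}
			return "server path " + p + " in request URI"
		}
	}
	if toImport {
		return "POST to certificate import endpoint"
	}
	return ""
}

// ScanAccessLog reads combined-format lines and returns the ones worth a look.
// Lines that do not parse are skipped rather than guessed at.
func ScanAccessLog(log string) []Finding {
	var out []Finding
	sc := bufio.NewScanner(strings.NewReader(log))
	for sc.Scan() {
		m := combinedLine.FindStringSubmatch(sc.Text())
		if m == nil {
			continue
		}
		if reason := classify(m[3], m[4]); reason != "" {
			out = append(out, Finding{Client: m[1], Method: m[3], Path: m[4], Reason: reason})
		}
	}
	return out
}

// sampleLog is constructed test data in combined format, not taken from any real host.
const sampleLog = `203.0.113.5 - - [10/Feb/2024:12:00:01 +0000] "GET /api/cert HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.7 - - [10/Feb/2024:12:00:03 +0000] "POST /import-certificate HTTP/1.1" 200 17 "-" "curl/8.0"
203.0.113.7 - - [10/Feb/2024:12:00:04 +0000] "POST /import-certificate?path=/etc/nginx/nginx.conf HTTP/1.1" 200 17 "-" "curl/8.0"
198.51.100.9 - - [10/Feb/2024:12:00:09 +0000] "GET /var/www/html/index.html HTTP/1.1" 404 153 "-" "Mozilla/5.0"
this line is not in combined format and is skipped
198.51.100.9 - - [10/Feb/2024:12:00:11 +0000] "GET /static/app.js HTTP/1.1" 200 9000 "-" "Mozilla/5.0"`

func main() {
	for _, f := range ScanAccessLog(sampleLog) {
		fmt.Printf("%-13s %-4s %-52s %s\n", f.Client, f.Method, f.Path, f.Reason)
	}
}
```

One caveat before relying on this: the default access log records only the request line, not the POST body, so a file path sent solely in the body will not appear unless the log_format is extended with $request_body or the traffic is inspected by a reverse proxy or WAF placed in front of Nginx-UI.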
Exploit status
disclosure
EPSS
2.96% (86th percentile)
CVSS vector
The primary mitigation for CVE-2024-23827 is to immediately upgrade Nginx-UI to version 2.0.0.beta.12 or later. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) rule to block requests to the Import Certificate endpoint with suspicious file paths. Additionally, restrict write access to the Nginx-UI installation directory to only the necessary user accounts. After upgrading, verify the fix by attempting to import a malformed certificate file and confirming that the write operation is denied.
Update Nginx-UI to version 2.0.0.beta.12 or later. This version fixes the arbitrary file write vulnerability. The update can be performed by downloading the new version from the official repository and replacing the existing files.
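To make the mitigation concrete, the following Go example (written for this page, not Nginx-UI's own code) shows the two checks an import handler needs so that the write operation described in this advisory is denied: the destination must be a plain file name that resolves inside the configured certificate directory, and the submitted content must actually parse as an X.509 certificate and a PKCS#8 private key. The request field names, the directory /var/lib/nginx-ui/certs and the self-signed test pair are assumptions constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"errors"
	"fmt"
	"math/big"
	"path/filepath"
	"time"
)

// ImportRequest models what an import handler receives; the field names are
// assumptions for this example, not Nginx-UI's real request schema.
type ImportRequest struct {
	Name    string // desired file name, e.g. "example.crt"
	CertPEM string
	KeyPEM  string
}

var (
	ErrBadName = errors.New("name must be a plain file name inside the certificate directory")
	ErrBadCert = errors.New("content is not a PEM-encoded X.509 certificate")
	ErrBadKey  = errors.New("content is not a PEM-encoded PKCS#8 private key")
)

// SafeTargetPath accepts only a plain file name (no separators, not "." or "..")
// and then independently re-checks that the joined, cleaned path stays below certDir.
func SafeTargetPath(certDir, name string) (string, error) {
	if name == "" || name == "." || name == ".." || name != filepath.Base(name) {
		return "", ErrBadName
	}
	target := filepath.Join(certDir, name)
	if rel, err := filepath.Rel(certDir, target); err != nil || rel != name {
		return "", ErrBadName
	}
	return target, nil
}

// decodePEM returns the DER bytes only if the first PEM block has the expected type.
func decodePEM(data, wantType string) ([]byte, bool) {
	block, _ := pem.Decode([]byte(data))
	if block == nil || block.Type != wantType {
		return nil, false
	}
	return block.Bytes, true
}

// ValidateImport is the gate to pass before any write: a bounded destination and
// key material the x509 parser accepts, otherwise nothing touches the disk.
func ValidateImport(certDir string, req ImportRequest) (string, error) {
	target, err := SafeTargetPath(certDir, req.Name)
	if err != nil {
		return "", err
	}
	der, ok := decodePEM(req.CertPEM, "CERTIFICATE")
	if !ok {
		return "", ErrBadCert
	}
	if _, err := x509.ParseCertificate(der); err != nil {
		return "", ErrBadCert
	}
	der, ok = decodePEM(req.KeyPEM, "PRIVATE KEY")
	if !ok {
		return "", ErrBadKey
	}
	if _, err := x509.ParsePKCS8PrivateKey(der); err != nil {
		return "", ErrBadKey
	}
	return target, nil
}

// SelfSignedPair builds a throwaway Ed25519 certificate and key (constructed test material) so the example runs offline.
func SelfSignedPair() (certPEM, keyPEM string, err error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return "", "", err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "example.test"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return "", "", err
	}
	keyDER, _ := x509.MarshalPKCS8PrivateKey(priv) // cannot fail for an ed25519 key
	certPEM = string(pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}))
	keyPEM = string(pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: keyDER}))
	return certPEM, keyPEM, nil
}

func main() {
	c, k, _ := SelfSignedPair()
	_, err := ValidateImport("/var/lib/nginx-ui/certs", ImportRequest{Name: "../app.ini", CertPEM: c, KeyPEM: k})
	fmt.Println("../app.ini:", err)
}
```

The order of the checks matters: the destination is validated first and the content second, and only when both pass does the caller get a path to write to, so a request that fails either check never reaches the filesystem. This is also the behaviour the page asks you to confirm after upgrading, namely that importing a malformed certificate is refused.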
CVE-2024-23827 is a critical vulnerability in Nginx-UI versions up to 2.0.0.beta.12 that allows attackers to write arbitrary files, potentially leading to remote code execution.
You are affected if you are using Nginx-UI versions 2.0.0.beta.12 or earlier. Upgrade to 2.0.0.beta.12 to resolve the issue.
Upgrade Nginx-UI to version 2.0.0.beta.12 or later. As a temporary workaround, implement a WAF rule to block suspicious requests to the import certificate endpoint.
While no active exploitation campaigns have been publicly confirmed, the vulnerability's severity and ease of exploitation suggest a high probability of exploitation.
Refer to the Nginx-UI project's repository or website for the official advisory and release notes regarding this vulnerability.