SB2024011134 - Multiple vulnerabilities in nginx-ui

Description

This security bulletin contains information about 3 vulnerabilities.

1) Command Injection (CVE-ID: CVE-2024-22198)

The vulnerability allows a remote attacker to execute arbitrary commands on the system.

The vulnerability exists due to insufficient input validation. A remote user can modify "start_cmd" setting and execute arbitrary commands.

2) SQL injection (CVE-ID: CVE-2024-22196)

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "OrderAndPaginate" function. A remote user can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

3) Command Injection (CVE-ID: CVE-2024-22197)

The vulnerability allows a remote attacker to execute arbitrary commands on the system.

The vulnerability exists due to insufficient input validation. A remote user can modify "nginx" settings and execute arbitrary commands.

Remediation

Install update from vendor's website.

References

• https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-8r25-68wm-jw35
• https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-h374-mm57-879c
• https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-pxmr-q2x3-9x9m