ID:12615 - Exploit for Command Injection in nginx-ui - CVE-2024-22197

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:12615 - Exploit for Command Injection in nginx-ui - CVE-2024-22197

ID:12615 - Exploit for Command Injection in nginx-ui - CVE-2024-22197

Published: April 21, 2026


Vulnerability identifier: #VU126645
Vulnerability risk: Medium
CVE-ID: CVE-2024-22197
CWE-ID: CWE-77
Exploitation vector: Remote access
Vulnerable software:
nginx-ui

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary commands on the system.

The vulnerability exists due to insufficient input validation. A remote user can modify "nginx" settings and execute arbitrary commands.


Remediation

Install updates from vendor's website.