Server-Side Request Forgery (SSRF) in nginx-ui - #VU127234

Published: April 23, 2026


Vulnerability identifier: #VU127234
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:L/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-918
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Nginx UI
Affected software:
nginx-ui

Detailed vulnerability description

The vulnerability allows a remote user to access internal services and disclose sensitive information.

The vulnerability exists due to server-side request forgery (SSRF) in the Proxy middleware when handling API requests with an attacker-controlled X-Node-ID header that references a crafted cluster node. A remote user can create a cluster node pointing to an arbitrary internal URL and send crafted API requests to access internal services and disclose sensitive information.

The issue can be used to reach localhost, private network services, and cloud metadata endpoints.
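The class of check that closes this hole is to validate every cluster-node URL before the proxy forwards anything to it. The following is an added example written for this advisory, not code from nginx-ui; the function name `ValidateNodeURL`, the `Resolver` type and the blocked ranges are assumptions chosen here.

```go
package main

import (
	"fmt"
	"net"
	"net/url"
	"strings"
)

// Resolver abstracts name lookup so the check runs offline; net.LookupIP fits it.
type Resolver func(host string) ([]net.IP, error)

// Ranges a node URL must never reach: loopback, RFC 1918, link-local (which
// covers the 169.254.169.254 cloud metadata endpoint) and IPv6 equivalents.
var blockedCIDRs = []string{"127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12",
	"192.168.0.0/16", "169.254.0.0/16", "0.0.0.0/8", "::1/128", "::/128",
	"fc00::/7", "fe80::/10"}

// ValidateNodeURL rejects a node URL the proxy must not forward to: non-http(s)
// scheme, embedded credentials, localhost, or any resolved address (every DNS
// answer, not just the first) inside blockedCIDRs. IPv4-mapped literals such
// as [::ffff:127.0.0.1] are caught because IPNet.Contains normalises them.
func ValidateNodeURL(raw string, resolve Resolver) error {
	u, err := url.Parse(raw)
	if err != nil {
		return err
	}
	if u.User != nil || (u.Scheme != "http" && u.Scheme != "https") {
		return fmt.Errorf("only http(s) URLs without credentials are allowed: %q", raw)
	}
	host := strings.ToLower(u.Hostname())
	if host == "" || host == "localhost" || strings.HasSuffix(host, ".localhost") {
		return fmt.Errorf("empty or localhost host not allowed: %q", raw)
	}
	ips := []net.IP{net.ParseIP(host)}
	if ips[0] == nil { // not an IP literal: resolve and check every answer
		if ips, err = resolve(host); err != nil {
			return err
		}
	}
	for _, ip := range ips {
		for _, c := range blockedCIDRs {
			_, n, _ := net.ParseCIDR(c) // constants above are known to parse
			if n.Contains(ip) {
				return fmt.Errorf("%s resolves to %s, inside blocked range %s", host, ip, n)
			}
		}
	}
	return nil
}
```

Checking at creation time still leaves a resolve-then-connect window (DNS rebinding), so the proxy's dialer should connect to the IP that passed this check rather than re-resolving the hostname.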


Remediation

Install the security update from the vendor's website.

Sources