CVE-2024-49367

Description

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, the log path of nginxui is controllable. This issue can be combined with the directory traversal at `/api/configs` to read directories and file contents on the server. Version 2.0.0-beta.36 fixes the issue.

CVSS breakdown

CVSS 4.0

Attack Vector

Network

Attack Complexity

Low

Attack Requirements

None

Privileges Required

None

User Interaction

None

Confidentiality (Vulnerable System)

None

Integrity (Vulnerable System)

Low

Availability (Vulnerable System)

None

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

Physical

Affected products

0xJacky / nginx-ui< 2.0.0-beta.36 – < 2.0.0-beta.36

References

VENDOR_ADVISORYhttps://github.com/0xJacky/nginx-ui/security/advisories/GHSA-gr34-jgw4-7j4m
PATCHhttps://github.com/0xJacky/nginx-ui/releases/tag/v2.0.0-beta.36