CVE-2023-27224 Information

Description

An issue found in NginxProxyManager v.2.9.19 allows an attacker to execute arbitrary code via a lua script to the configuration file.

Reference

https://github.com/LinuxProgramDevelop/NginxProxyManagerCommandInjectVulnInfo/blob/main/Nginx_proxy_manager_Command_Inject_vulnerability.pdf https://github.com/NginxProxyManager/nginx-proxy-manager