CVE-2024-22198 Information

Jan 12, 2024 cve

Description

Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. The Home > Preference page exposes a list of system settings such as Run Mode Jwt Secret Node Secret and Terminal Start Command. While the UI doesn’t allow users to modify the Terminal Start Command setting it is possible to do so by sending a request to the API. This issue may lead to authenticated remote code execution privilege escalation and information disclosure. This vulnerability has been patched in version 2.0.0.beta.9.

Reference

https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-8r25-68wm-jw35 https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3 https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/system/settings.go#L18 https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/terminal/pty.go#L11 https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/internal/pty/pipeline.go#L29 https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/router/middleware.go#L45 https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/settings/server.go#L12

Share on: