{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-23827", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-01-22T22:23:54.338Z", "datePublished": "2024-01-29T16:07:13.953Z", "dateUpdated": "2024-11-12T21:41:24.606Z"}, "containers": {"cna": {"title": "Nginx-UI arbitrary file write through the Import Certificate feature", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m"}], "affected": [{"vendor": "0xJacky", "product": "nginx-ui", "versions": [{"version": "< 2.0.0.beta.12", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-01-29T16:07:13.953Z"}, "descriptions": [{"lang": "en", "value": "Nginx-UI is a web interface to manage Nginx configurations. The Import Certificate feature allows arbitrary write into the system. The feature does not check if the provided user input is a certification/key and allows to write into arbitrary paths in the system. It's possible to leverage the vulnerability into a remote code execution overwriting the config file app.ini. Version 2.0.0.beta.12 fixed the issue."}], "source": {"advisory": "GHSA-xvq9-4vpv-227m", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:13:08.227Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-01-31T20:16:58.531079Z", "id": "CVE-2024-23827", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-12T21:41:24.606Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m", "name": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:13:08.227Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-23827", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-01-31T20:16:58.531079Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-12T21:41:19.904Z"}}], "cna": {"title": "Nginx-UI arbitrary file write through the Import Certificate feature", "source": {"advisory": "GHSA-xvq9-4vpv-227m", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "0xJacky", "product": "nginx-ui", "versions": [{"status": "affected", "version": "< 2.0.0.beta.12"}]}], "references": [{"url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m", "name": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Nginx-UI is a web interface to manage Nginx configurations. The Import Certificate feature allows arbitrary write into the system. The feature does not check if the provided user input is a certification/key and allows to write into arbitrary paths in the system. It's possible to leverage the vulnerability into a remote code execution overwriting the config file app.ini. Version 2.0.0.beta.12 fixed the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-01-29T16:07:13.953Z"}}}, "cveMetadata": {"cveId": "CVE-2024-23827", "state": "PUBLISHED", "dateUpdated": "2024-11-12T21:41:24.606Z", "dateReserved": "2024-01-22T22:23:54.338Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-01-29T16:07:13.953Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.2.0:-:*:*:*:*:*:*", "matchCriteriaId": "E5EB4B0D-CE6A-45CE-8971-15BBB0722394", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.2.0:alpha2:*:*:*:*:*:*", "matchCriteriaId": "347055AA-23A7-4D03-A46B-0A51A0357EFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.2.0:alpha3:*:*:*:*:*:*", "matchCriteriaId": "9D17A6DA-3309-4029-9DAD-76ABAA1EA38A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.2.0:alpha4:*:*:*:*:*:*", "matchCriteriaId": "2E720E78-E724-4E65-9AFC-BC83E2B6405F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.2.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "0F445EB2-0B0B-44D1-9A6F-A23BB7CBA264", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.2.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "6D4CD22F-4078-4EA1-8790-D6FD110A2893", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.2.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "6FE185FE-3B3F-4E46-8812-2512B25E3AD7", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "861646B0-3CD6-4037-9EE4-550B9B7E5FFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "A7D82994-E977-4148-9E6D-EB87E77EC702", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.3.0:-:*:*:*:*:*:*", "matchCriteriaId": "B30244FF-039B-44F2-AC1A-5FDB7F98A2C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.3.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "45F8125A-57BE-4E62-94A2-FBDD0BCB67E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.3.1:-:*:*:*:*:*:*", "matchCriteriaId": "73DB5C6F-0F75-44F4-B47F-44F3805C0E09", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.3.1:fix:*:*:*:*:*:*", "matchCriteriaId": "D9D6B6EA-823D-4D36-84DC-69CB14AA3120", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "2B31BCF4-F00E-42E1-9BCA-F7C0D164FB7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.3.3:rc1:*:*:*:*:*:*", "matchCriteriaId": "B098A3C6-DFE3-41C5-AADB-52C36A08F566", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.4.0:-:*:*:*:*:*:*", "matchCriteriaId": "5F5057DF-FA0A-4A41-BC6F-0F20529BACAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.4.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "C7F7B02B-C43C-4E57-B844-F1708125BAB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AF6CBAAD-0A17-4E43-965B-C525DADCA3F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "7EBA5C6E-25FC-4952-BA2C-6C44770D8861", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.5.0:-:*:*:*:*:*:*", "matchCriteriaId": "BDA3575B-E64E-42AD-A12C-ADD2BD61065C", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.5.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "659E6E9F-A297-4115-884B-C4D7EE2CB155", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.5.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "4E1A2B34-9B82-429D-83E4-951344B31CAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.5.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "B43B60D3-743D-4965-B0FF-3FBDA3DFB7B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.5.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "36DB77DA-4ED4-4800-8251-EB4F4BBA4A1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.5.0:beta4_fix:*:*:*:*:*:*", "matchCriteriaId": "E9596AB0-0985-45A3-9EC4-4331A62E59D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.5.0:beta5:*:*:*:*:*:*", "matchCriteriaId": "A7659CD3-117A-427A-BDAB-E9580D0CE0A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.5.0:beta6:*:*:*:*:*:*", "matchCriteriaId": "8D398E64-80C0-4E7F-9BAB-37200FE42EFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.5.0:beta7:*:*:*:*:*:*", "matchCriteriaId": "9CF56792-52E6-4A24-8488-8DBCE0DF2E69", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.5.0:beta8:*:*:*:*:*:*", "matchCriteriaId": "2D59E88D-CFF0-4039-A236-86AEFA9D6135", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.5.0:beta9:*:*:*:*:*:*", "matchCriteriaId": "F6C8AFA8-8F62-43A3-99E3-D2BA31B94AF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "ED48548E-A6AB-4AE7-B70F-540F13FA3171", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C645D38E-9AF7-4334-96B0-B674A2DD0E01", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.6.0:-:*:*:*:*:*:*", "matchCriteriaId": "B3B50213-0F6A-4C86-A819-BC4CEC4CD6A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.6.0:fix:*:*:*:*:*:*", "matchCriteriaId": "5EAB6269-238F-4342-BFF3-8D52E068A797", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "830987AC-8021-4898-B031-5D158A2EBFA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "C48387B2-B727-4184-9AEE-F2641F14B96F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "8AF0BF25-8BBD-408E-AD26-2F5A5A7A8799", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "0E90DD77-C9D3-418B-A77D-6B6513F1B2CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "F01E473A-7007-43B3-8801-4EDCB94433B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "BF5C23AA-D701-4153-A798-BC62D2227E4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "FD3E2589-AA3E-4FBD-9BE0-8C6343AA2D5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.7.0:-:*:*:*:*:*:*", "matchCriteriaId": "3F287D86-DE0B-4EFA-A59B-26142539F4C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.7.0:patch:*:*:*:*:*:*", "matchCriteriaId": "F6CA517E-298A-4594-A5C3-01D714B45FED", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "E988C01A-A8E8-4A78-86FE-D479E85D1C57", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "F3089766-C08D-46ED-96CD-FBD23918CE91", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "7556CA53-63DB-456A-9F4F-D2216577214B", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "ED7D3809-15E2-46D7-B655-872D39516423", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "10DF1FCF-60F0-4E1E-B527-038D62D70061", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "692F6EB8-A3DA-41D4-ADC0-A62475056CCA", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "DB220C58-FEB5-4D00-856A-B8F02089EC69", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "3F256AE5-04EC-4F8E-BBC4-76F16736E275", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.7.9:*:*:*:*:*:*:*", "matchCriteriaId": "C5878D75-96C7-44AB-8982-705FBC2A7825", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "2B2FBE3D-3B56-4E56-8156-63FE4F1B8CF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "00B0C7D6-30BF-4ABD-A72C-795D60DC5CC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "DC05EA49-627E-4A40-ABB0-E590623C0B90", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "47930D99-B18D-4A65-B49E-060B661919E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.8.4:-:*:*:*:*:*:*", "matchCriteriaId": "6C3B1880-D8EB-40CA-B241-02B3C8B49869", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.8.4:patch:*:*:*:*:*:*", "matchCriteriaId": "E7700F38-C7DD-4F86-B3DE-C3C9A28370A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "C994DA95-D877-4319-911A-90918A9C566F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.9.9-1:*:*:*:*:*:*:*", "matchCriteriaId": "3AB27842-9235-4E3D-9E07-5DC873560D35", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.9.9-2:*:*:*:*:*:*:*", "matchCriteriaId": "598FBDD0-E019-4AA5-B561-65B4D1BE084A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.9.9-3:*:*:*:*:*:*:*", "matchCriteriaId": "489C42D9-39E2-4491-B318-18A20732ED62", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:1.9.9-4:*:*:*:*:*:*:*", "matchCriteriaId": "0E801BBB-76D3-4873-A431-549FE7DE5451", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "3C287A7F-66B4-406A-B87B-B954A1CA6D44", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta10:*:*:*:*:*:*", "matchCriteriaId": "D684FFEF-4451-49ED-A04D-CF74F45A2F40", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta10_patch:*:*:*:*:*:*", "matchCriteriaId": "D5984B3A-40C9-4188-976C-E9EB166FA624", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta11:*:*:*:*:*:*", "matchCriteriaId": "EDE74B22-31D1-41D1-A5DD-DB4AAA7A7984", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "25DD91AC-465B-4A43-A79F-4DE47243741C", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "115588C7-D947-4576-9E6C-B5AF1FCE9A29", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "BBB20EA3-F3CF-42AF-A217-D5DF7A7ADD70", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta4_patch:*:*:*:*:*:*", "matchCriteriaId": "81A6C732-FBF2-44A8-B810-456E54B59A09", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta5:*:*:*:*:*:*", "matchCriteriaId": "8C5664E5-150E-4B4B-BA0C-420738820FF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta5_patch:*:*:*:*:*:*", "matchCriteriaId": "7E764AA1-3060-441F-8F14-ADD165316741", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6:*:*:*:*:*:*", "matchCriteriaId": "04A3E84F-91AA-420A-B908-3393E037AC44", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6_patch:*:*:*:*:*:*", "matchCriteriaId": "828EAE87-24E5-4F31-B301-BA2F96BDEA42", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta6_patch2:*:*:*:*:*:*", "matchCriteriaId": "45710D36-954A-4450-B622-CB0F368DF544", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta7:*:*:*:*:*:*", "matchCriteriaId": "2B57EEFB-5518-4BD5-998A-34B6690A6F4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta8:*:*:*:*:*:*", "matchCriteriaId": "8EDF4CEE-F24D-441B-92A8-7F5A2B41487E", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta8_patch:*:*:*:*:*:*", "matchCriteriaId": "F0275FDF-BAE8-4909-8991-6FCE34B8905E", "vulnerable": true}, {"criteria": "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta9:*:*:*:*:*:*", "matchCriteriaId": "B52F973F-A2F2-40C2-9936-9447B5803CFB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Nginx-UI is a web interface to manage Nginx configurations. The Import Certificate feature allows arbitrary write into the system. The feature does not check if the provided user input is a certification/key and allows to write into arbitrary paths in the system. It's possible to leverage the vulnerability into a remote code execution overwriting the config file app.ini. Version 2.0.0.beta.12 fixed the issue."}, {"lang": "es", "value": "Nginx-UI es una interfaz web para administrar configuraciones de Nginx. La funci\u00f3n Import Certificate permite la escritura arbitraria en el sistema. La funci\u00f3n no verifica si la entrada del usuario proporcionada es una certificaci\u00f3n/clave y permite escribir en rutas arbitrarias en el sistema. Es posible aprovechar la vulnerabilidad para ejecutar c\u00f3digo remoto sobrescribiendo el archivo de configuraci\u00f3n app.ini. La versi\u00f3n 2.0.0.beta.12 solucion\u00f3 el problema."}], "id": "CVE-2024-23827", "lastModified": "2024-11-21T08:58:30.357", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-01-29T16:15:09.867", "references": [{"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}