CVE-2024-3740 | cym1102 nginxWebUI up to 3.9.9 /adminPage/conf/reload exec nginxExe deserialization

Inserito da Angelo Barbosa | Apr 12, 2024 | CVE

A vulnerability, which was classified as critical, has been found in cym1102 nginxWebUI up to 3.9.9. This issue affects the function exec of the file /adminPage/conf/reload. The manipulation of the argument nginxExe leads to deserialization.

The identification of this vulnerability is CVE-2024-3740. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-3740 | cym1102 nginxWebUI up to 3.9.9 /adminPage/conf/reload exec nginxExe deserialization

Post correlati

CVE-2024-37260 | Theme-Ruby Foxiz Plugin up to 2.3.5 on WordPress server-side request forgery

CVE-2024-8835 | PDF-XChange Editor JB2 File Parser out-of-bounds (ZDI-24-1258)

Texas Instruments CC32XX FreeRTOS malloc integer overflow (icsa-21-119-04)

CVE-2024-37400 | Ivanti Connect Secure up to 22.7R2.2 out-of-bounds