CVE-2024-49368 | 0xJacky Nginx-UI up to 2.0.0-beta.35 exec.Command input validation (GHSA-66m6-27r9-77vm)

Posted by Angelo Barbosa | Oct 21, 2024 | CVE

A vulnerability, which was classified as very critical, was found in 0xJacky Nginx-UI up to 2.0.0-beta.35. This affects the function exec.Command. The manipulation leads to improper input validation.

This vulnerability is uniquely identified as CVE-2024-49368. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-49368 | 0xJacky Nginx-UI up to 2.0.0-beta.35 exec.Command input validation (GHSA-66m6-27r9-77vm)

Related Posts

CVE-2023-52039 | Totolink X6000R 9.4.0cu.852_B20230719 sub_415AA4 Privilege Escalation

CVE-2024-26854 | Linux Kernel up to 6.7.9 ice_dpll_init uninitialized pointer (db29ceff3e25/9224fc86f177)

CVE-2024-7828 | D-Link DNS-1550-04 up to 20240814 photocenter_mgr.cgi cgi_set_cover album_name buffer overflow

CVE-2024-39681 | XjSv Cooked Plugin up to 1.7.15.4 on WordPress cross-site request forgery (GHSA-q7p9-2x5h-vxm7)