A vulnerability, which was classified as very critical, was found in 0xJacky nginx-ui up to 2.0.0.beta.11. Affected is an unknown function. The manipulation of the argument test_config_cmd/start_cmd leads to crlf injection.

This vulnerability is traded as CVE-2024-23828. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.