A vulnerability classified as critical has been found in NginxProxyManager 2.11.3. Affected is the function
requestLetsEncryptSsl
of the component Add Lets Encrypt Certificate. The manipulation leads to command injection.
This vulnerability is traded as CVE-2024-46256. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
It is recommended to apply a patch to fix this issue.