CVE-2024-22198
HIGHCVSS v3
8.8
HIGH
EPSS Score
20.3%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. The `Home > Preference` page exposes a list of system settings such as `Run Mode`, `Jwt Secret`, `Node Secret` and `Terminal Start Command`. While the UI doesn't allow users to modify the `Terminal Start Command` setting, it is possible to do so by sending a request to the API. This issue may lead to authenticated remote code execution, privilege escalation, and information disclosure. This vulnerability has been patched in version 2.0.0.beta.9.
Technical Details
- Published
- 1/11/2024
Frequently Asked Questions
What is CVE-2024-22198?
Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. The `Home > Preference` page exposes a list of system settings such as `Run Mode`, `Jwt Secret`, `Node Secret` and `Terminal Start Command`. While the UI doesn't allow users to modify the `Terminal Start Command` setting, it is possible to do so by sending a request to the API. This issue may lead to authenticated remote code execution, privilege escalation, and information disclosure. This vulnerability has been patched in version 2.0.0.beta.9.
Is CVE-2024-22198 actively exploited?
Active exploitation of CVE-2024-22198 has not been confirmed. The EPSS score is 20.3%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2024-22198?
CVE-2024-22198 has a CVSS v3 base score of 8.8 (HIGH severity).
Is CVE-2024-22198 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.