CVE-2022-31125

Name of the Vulnerable Software and Affected Versions Roxy-wi versions prior to 6.1.1.0

Description A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to bypass authentication and access admin functionality by sending a specially crafted HTTP request. This issue affects Roxy-wi, an open source web interface for managing Haproxy, Nginx, Apache, and Keepalived servers.

Recommendations For versions prior to 6.1.1.0, upgrade to version 6.1.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Roxy-wi interface until an upgrade can be performed.