CVE-2023-45132

Name of the Vulnerable Software and Affected Versions NAXSI versions 1.3 through 1.6

Description NAXSI is an open-source maintenance web application firewall (WAF) for NGINX. An issue allows someone to bypass the WAF when a malicious X-Forwarded-For IP matches IgnoreIP IgnoreCIDR rules. This old code was arranged to allow older NGINX versions to also support IgnoreIP IgnoreCIDR when multiple reverse proxies were present.

Recommendations For versions 1.3 through 1.5, as a temporary workaround, do not set any IgnoreIP IgnoreCIDR rules to minimize the risk of exploitation. For version 1.6, the issue is patched, so no additional action is required beyond ensuring this version is used. For all affected versions, consider updating to version 1.6 or later to fully resolve the issue.