PT-2024-1363 · Nginx-Ui · Nginx-Ui

Elleuch-X1 · Published 2024-01-28 · Updated 2024-06-28 · CVE-2024-23827

CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Nginx-UI versions prior to 2.0.0-beta.12
Description: The Import Certificate feature in Nginx-UI allows arbitrary file writes, so an attacker can write to arbitrary paths on the system. This can be escalated to remote code execution by overwriting the config file app.ini. The feature does not check whether the provided user input is actually a certificate or key, which is what allows exploitation.
API Endpoints: The /api/cert endpoint is vulnerable to arbitrary file write.
Vulnerable Parameters or Variables: The ssl certificate path, ssl certificate key path, ssl certificate, and ssl certificate key variables are vulnerable to exploitation.
Function Names: The AddCert function and the WriteFile function are involved in the vulnerability.
Recommendations: For versions prior to 2.0.0-beta.12, update to version 2.0.0-beta.12 or later to fix the issue. As a temporary workaround, consider restricting access to the /api/cert endpoint to minimize the risk of exploitation. Avoid using the ssl certificate path, ssl certificate key path, ssl certificate, and ssl certificate key variables in the affected API endpoint until the issue is resolved.
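The two checks the description says are missing, as an added Go example (not Nginx-UI's code or its actual fix): confine the destination path to a certificate directory, and write only bytes re-encoded from parsed X.509 certificates. The function names, the base directory and the sample inputs are assumptions; key material would need the equivalent parse-and-re-encode step.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/big"
	"path/filepath"
	"strings"
)

// safeCertPath (hypothetical helper) resolves p under base; absolute or "../" paths fail.
func safeCertPath(base, p string) (string, error) {
	full := filepath.Join(base, p) // Join also cleans the result
	if filepath.IsAbs(p) || !strings.HasPrefix(full, filepath.Clean(base)+"/") {
		return "", fmt.Errorf("path %q is not inside %s", p, base)
	}
	return full, nil
}

// normalizeCertPEM (hypothetical helper) returns only re-encoded, parsed certificates.
func normalizeCertPEM(data []byte) ([]byte, error) {
	var out []byte
	for b, rest := pem.Decode(data); b != nil; b, rest = pem.Decode(rest) {
		if b.Type != "CERTIFICATE" {
			return nil, fmt.Errorf("unexpected PEM block %q", b.Type)
		}
		if _, err := x509.ParseCertificate(b.Bytes); err != nil {
			return nil, fmt.Errorf("invalid certificate: %w", err)
		}
		out = append(out, pem.EncodeToMemory(&pem.Block{Type: b.Type, Bytes: b.Bytes})...)
	}
	if out == nil {
		return nil, fmt.Errorf("no certificate found")
	}
	return out, nil
}

// sampleCert returns a throwaway self-signed certificate (constructed sample input).
func sampleCert() []byte {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"example.test"}}
	der, _ := x509.CreateCertificate(rand.Reader, tpl, tpl, pub, priv)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

func main() {
	fmt.Println(safeCertPath("/etc/nginx/ssl", "../app.ini"))
}
```

Because the output is rebuilt from the parsed blocks, any text around a valid certificate (preamble, PEM headers, trailing data) is dropped rather than written to disk.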

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers

BDU:2024-00817
CVE-2024-23827
GHSA-XVQ9-4VPV-227M
GO-2024-2481

Affected Products

Nginx-Ui