CVE-2024-7634

Name of the Vulnerable Software and Affected Versions NGINX Agent (affected versions not specified)

Description The issue is related to the config dirs function of the NGINX Agent and NGINX Instance Manager platform, which allows an attacker to upload arbitrary files outside the intended directory. This can enable a remote attacker to write or overwrite arbitrary files. The exploitation requires a highly privileged attacker.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.