漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Authentication Bypass in Roxy-wi
Vulnerability Description
Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to bypass authentication and access admin functionality by sending a specially crafted HTTP request. This affects Roxywi versions before 6.1.1.0. Users are advised to upgrade. There are no known workarounds for this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
Vulnerability Type
认证机制不恰当
Vulnerability Title
Roxy-WI 授权问题漏洞
Vulnerability Description
Roxy-WI是开源的一款用于管理 Haproxy、Nginx 和 Keepalived 服务器的 Web 界面。 Roxy-WI 6.1.1.0 之前版本存在授权问题漏洞。未经身份验证的远程攻击者通过该漏洞可以发送特制的 HTTP 请求绕过身份验证并访问管理功能。
CVSS Information
N/A
Vulnerability Type
N/A