Nginx UI: DoS via Negative Integer Input in Logrotate Interval

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, an input validation vulnerability in the logrotate configuration allows an authenticated user to cause a complete Denial of Service (DoS). By submitting a negative integer for the rotation interval, the backend enters an infinite loop or an invalid state, rendering the web interface unresponsive. This issue has been patched in version 2.3.4.

N/A

输入验证不恰当

Nginx UI 输入验证错误漏洞

Nginx UI是Jacky个人开发者的一个 Nginx 的 WebUI。 Nginx UI 2.3.4之前版本存在输入验证错误漏洞，该漏洞源于logrotate配置中的输入验证问题，允许经过身份验证的用户通过提交负整数导致Web界面无响应，造成完全拒绝服务。

N/A

N/A