Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-22198 PoC — Nginx UI 命令注入漏洞

Source
https://github.com/xiw1ll/CVE-2024-22198_Checker
Associated Vulnerability
Title:Nginx UI 命令注入漏洞 (CVE-2024-22198)
Description:Nginx UI是Jacky个人开发者的一个 Nginx 的 WebUI。 Nginx UI 2.0.0.beta.9之前版本存在命令注入漏洞,攻击者利用该漏洞可以通过修改 start_cmd设置来执行任意命令。
Description
Identify Nginx-ui version and check if it's vulnerable to CVE-2024-22198
Readme
# CVE-2024-22198 - authenticated remote code execution in Nginx-ui

## Description

This tool made for remote checking your Nginx-ui version and notify if it's vulnerable to CVE-2024-22198.

Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. The `Home > Preference` page exposes a list of system settings such as `Run Mode`, `Jwt Secret`, `Node Secret` and `Terminal Start Command`. While the UI doesn't allow users to modify the `Terminal Start Command` setting, it is possible to do so by sending a request to the API. This issue may lead to authenticated remote code execution, privilege escalation, and information disclosure. This vulnerability has been patched in version 2.0.0.beta.9.

## Example

```
➜  python3 nginxui_checker.py http://172.17.0.4
[!] Nginx-ui version: 2.0.0-beta.8 Vulnerable: True
```

## Exploit

N/A

## References
 - https://nvd.nist.gov/vuln/detail/CVE-2024-22198
File Snapshot

 [4.0K]  /data/pocs/5c41d5ee7e33fbf184756aad8b515e062c7450d2
├── [1.5K]  nginxui_checker.py
└── [ 994]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.