Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

roxy-wi — Vulnerabilities & Security Advisories 18

All 18 CVE vulnerabilities found in roxy-wi, with AI-generated Chinese analysis, references, and POCs.

Vendor: hap-wi

CVE IDTitleCVSSSeverityPublished
CVE-2026-33208 Roxy-WI Vulnerable to Authenticated Remote Code Execution via OS Command Injection in find-in-config Endpoint CWE-78 8.8AIHighAI2026-04-24
CVE-2026-33078 Roxy-WI has SQL Injection in haproxy_section_save Endpoint via Unsanitized server_ip Parameter CWE-89 9.8AICriticalAI2026-04-24
CVE-2026-33077 Roxy-WI has an arbitrary file read vulnerability CWE-22 7.5AIHighAI2026-04-24
CVE-2026-33076 Roxy-WI vulnerable to path traversal and arbitrary file writing CWE-22 9.8AICriticalAI2026-04-24
CVE-2026-33432 Roxy-WI has Pre-Authentication LDAP Injection that Leads to Authentication Bypass CWE-287 7.5AIHighAI2026-04-20
CVE-2026-33431 Roxy-WI Vulnerable to Authenticated Arbitrary File Read via Path Traversal in Config Version Viewer CWE-24 8.1AIHighAI2026-04-20
CVE-2026-27811 Roxy-WI has a Command Injection via diff parameter in config comparison allows authenticated RCE CWE-77 8.8 High2026-03-17
CVE-2026-22265 Roxy-WI has a Command Injection via grep parameter in logs.py allows authenticated RCE CWE-78 7.5 High2026-01-15
CVE-2024-13129 Roxy-WI roxy.py action_service os command injection CWE-78 8.8 High2025-01-03
CVE-2024-43804 OS Command Injection via Port Scan Functionality in Roxy-WI CWE-78 8.8 High2024-08-29
CVE-2023-29004 Path Traversal Vulnerability in hap-wi/roxy-wi CWE-22 6.5 Medium2023-04-17
CVE-2023-25804 Roxy-WI vulnerable to Limited Path Traversal in name parameter CWE-22 7.5 High2023-03-15
CVE-2023-25802 Roxy-WI has Path Traversal vulnerability CWE-26 7.5 High2023-03-13
CVE-2023-25803 Roxy-WI 路径遍历漏洞 CWE-22 7.5 High2023-03-13
CVE-2022-31161 Roxy-WI Vulnerable to Unauthenticated Remote Code Execution via ssl_cert Upload CWE-77 10.0 Critical2022-07-15
CVE-2022-31137 Unauthenticated Remote Code Execution in Roxy-WI CWE-78 10.0 Critical2022-07-08
CVE-2022-31126 Unauthenticated Remote Code Execution in Roxy-wi CWE-74 10.0 Critical2022-07-06
CVE-2022-31125 Authentication Bypass in Roxy-wi CWE-287 10.0 Critical2022-07-06

All 18 known CVE vulnerabilities affecting roxy-wi with full Chinese analysis, references, and POCs where available.