CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 1CVE-2022-31161 – Roxy-WI Vulnerable to Unauthenticated Remote Code Execution via ssl_cert Upload
https://notcve.org/view.php?id=CVE-2022-31161
Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for this issue. Roxy-WI es una interfaz web para administrar los servidores HAProxy, Nginx y Keepalived. En versiones anteriores a 6.1.1.0, el comando del sistema puede ser ejecutado remotamente por medio de la función subprocess_execute sin procesar las entradas recibidas del usuario en el archivo /app/options.py. • https://www.exploit-db.com/exploits/51228 http://packetstormsecurity.com/files/171652/Roxy-WI-6.1.1.0-Remote-Code-Execution.html https://github.com/hap-wi/roxy-wi/releases/tag/v6.1.1.0 https://github.com/hap-wi/roxy-wi/security/advisories/GHSA-pg3w-8p63-x483 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 95%CPEs: 1EXPL: 2CVE-2022-31137 – Unauthenticated Remote Code Execution in Roxy-WI
https://notcve.org/view.php?id=CVE-2022-31137
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 6.1.1.0 are subject to a remote code execution vulnerability. System commands can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Attackers need not be authenticated to exploit this vulnerability. Users are advised to upgrade. • http://packetstormsecurity.com/files/167805/Roxy-WI-Remote-Command-Execution.html http://packetstormsecurity.com/files/171648/Roxy-WI-6.1.0.0-Improper-Authentication-Control.html http://packetstormsecurity.com/files/171652/Roxy-WI-6.1.1.0-Remote-Code-Execution.html http://packetstormsecurity.com/files/172547/Roxy-WI-6.1.0.0-Remote-Command-Execution.html https://github.com/hap-wi/roxy-wi/commit/82666df1e60c45dd6aa533b01a392f015d32f755 https://github.com/hap-wi/roxy-wi/security/advisories/GHSA-53r2-mq99-f532 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 80%CPEs: 1EXPL: 1CVE-2022-31126 – Unauthenticated Remote Code Execution in Roxy-wi
https://notcve.org/view.php?id=CVE-2022-31126
Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to code execution by sending a specially crafted HTTP request to /app/options.py file. This affects Roxy-wi versions before 6.1.1.0. Users are advised to upgrade. There are no known workarounds for this issue. • https://www.exploit-db.com/exploits/51227 https://github.com/hap-wi/roxy-wi/security/advisories/GHSA-mh86-878h-43c9 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 1CVE-2022-31125 – Authentication Bypass in Roxy-wi
https://notcve.org/view.php?id=CVE-2022-31125
Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to bypass authentication and access admin functionality by sending a specially crafted HTTP request. This affects Roxywi versions before 6.1.1.0. Users are advised to upgrade. There are no known workarounds for this issue. • https://www.exploit-db.com/exploits/51226 http://packetstormsecurity.com/files/171648/Roxy-WI-6.1.0.0-Improper-Authentication-Control.html https://github.com/hap-wi/roxy-wi/security/advisories/GHSA-hr76-3hxp-5mm3 • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38168
https://notcve.org/view.php?id=CVE-2021-38168
Roxy-WI through 5.2.2.0 allows authenticated SQL injection via select_servers. Roxy-WI versiones hasta 5.2.2.0, permite una inyección SQL autenticado por medio de la función select_servers • https://github.com/hap-wi/roxy-wi/issues/285 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •