Vulnerability Description
jc21 NGINX Proxy Manager through 2.9.19 allows OS command injection. When creating an access list, the backend builds an htpasswd file with crafted username and/or password input that is concatenated without any validation, and is directly passed to the exec command, potentially allowing an authenticated attacker to execute arbitrary commands on the system. NOTE: this is not part of any NGINX software shipped by F5.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jc21 | Nginx Proxy Manager | <= 2.9.19 |
Related Weaknesses (CWE)
References
- https://advisory.dw1.io/57ExploitThird Party Advisory
- https://github.com/NginxProxyManager/nginx-proxy-manager/blob/4f10d129c20cc82494ExploitThird Party Advisory
- https://advisory.dw1.io/57ExploitThird Party Advisory
- https://github.com/NginxProxyManager/nginx-proxy-manager/blob/4f10d129c20cc82494ExploitThird Party Advisory
FAQ
What is CVE-2023-23596?
CVE-2023-23596 is a vulnerability with a CVSS score of 8.8 (HIGH). jc21 NGINX Proxy Manager through 2.9.19 allows OS command injection. When creating an access list, the backend builds an htpasswd file with crafted username and/or password input that is concatenated ...
How severe is CVE-2023-23596?
CVE-2023-23596 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-23596?
Check the references section above for vendor advisories and patch information. Affected products include: Jc21 Nginx Proxy Manager.