VYPR
Unrated severityNVD Advisory· Published Mar 13, 2023· Updated Feb 25, 2025

Roxy-WI has Path Traversal vulnerability

CVE-2023-25802

Description

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.6.0 don't correctly neutralize dir/../filename sequences, such as /etc/nginx/../passwd, allowing an actor to gain information about a server. Version 6.3.6.0 has a patch for this issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Roxy Wi/Roxy Willm-fuzzy
    Range: <6.3.6.0
  • hap-wi/roxy-wiv5
    Range: < 6.3.6.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.