NginxProxyManager
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-46256 | 0.05 | — | 0.60 | Sep 27, 2024 | A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an attacker to RCE via Add Let's Encrypt Certificate. | |||
| CVE-2024-46257 | 0.00 | — | 0.03 | Sep 27, 2024 | A Command injection vulnerability in requestLetsEncryptSslWithDnsChallenge in NginxProxyManager 2.11.3 allows an attacker to achieve remote code execution via Add Let's Encrypt Certificate. NOTE: this is not part of any NGINX software shipped by F5. | |||
| CVE-2023-27224 | 0.00 | — | 0.01 | Mar 22, 2023 | An issue found in NginxProxyManager v.2.9.19 allows an attacker to execute arbitrary code via a lua script to the configuration file. |
- CVE-2024-46256Sep 27, 2024risk 0.05cvss —epss 0.60
A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an attacker to RCE via Add Let's Encrypt Certificate.
- CVE-2024-46257Sep 27, 2024risk 0.00cvss —epss 0.03
A Command injection vulnerability in requestLetsEncryptSslWithDnsChallenge in NginxProxyManager 2.11.3 allows an attacker to achieve remote code execution via Add Let's Encrypt Certificate. NOTE: this is not part of any NGINX software shipped by F5.
- CVE-2023-27224Mar 22, 2023risk 0.00cvss —epss 0.01
An issue found in NginxProxyManager v.2.9.19 allows an attacker to execute arbitrary code via a lua script to the configuration file.