VYPR

Vendor CVEs

Roxy Wi

All CVEs

35 total · sorted by risk
  • CVE-2026-45558 · Critical · Jun 10, 2026
    risk 0.64 · cvss 9.9 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the HAProxy section-save endpoints (POST /api/service/haproxy/<server_id>/section/<section_type> and the PUT / global / defaults variants) accept a JSON option…

  • CVE-2026-45556 · Critical · Jun 10, 2026
    risk 0.64 · cvss 9.9 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /waf//<server_ip>/rule/<rule_id>/save accepts a config_file_name form field that is passed straight through to…

  • CVE-2026-45552 · Critical · Jun 10, 2026
    risk 0.64 · cvss 9.9 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the install blueprint declares only bp.before_request → @jwt_required() (app/routes/install/routes.py:36-39). The individual endpoints install_exporter,…

  • CVE-2026-45550 · Critical · Jun 10, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, PUT /smon/check (app/routes/smon/routes.py:117-138) gates only on roxywi_common.check_user_group_for_flask() — which validates that the caller has some group,…

  • CVE-2026-33432 · Critical · Apr 20, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions up to and including 8.2.8.2, when LDAP authentication is enabled, Roxy-WI constructs an LDAP search filter by directly concatenating the user-supplied login username into the…

  • CVE-2026-45564 · High · Jun 10, 2026
    risk 0.57 · cvss 8.8 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /config/versions//<server_ip>//save interpolates the URL-path configver parameter directly into a config-version path that ends up at…

  • CVE-2026-33078 · Critical · Apr 24, 2026
    risk 0.57 · cvss 9.8 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 8.2.6.4 have a SQL injection vulnerability in the haproxy_section_save function in app/routes/config/routes.py. The server_ip parameter, sourced from the URL path, is passed…

  • CVE-2026-33076 · Critical · Apr 24, 2026
    risk 0.57 · cvss 9.8 · epss 0.01

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the haproxy_section_save interface presents a vulnerability that could lead to remote code execution due to path traversal and writing into scheduled tasks. Version…

  • CVE-2026-45549 · High · Jun 10, 2026
    risk 0.55 · cvss 8.5 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, agent_action (app/routes/smon/agent_routes.py:166-179) has decorators @bp.post('/agent/action/') and @jwt_required() only — no role check, no group…

  • CVE-2026-45567 · High · Jun 10, 2026
    risk 0.54 · cvss 8.3 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, there is an authentication bypass vulnerability via 'api' substring in URL + unauthenticated /api/gpt. At time of publication, there are no publicly available…

  • CVE-2026-45565 · High · Jun 10, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, EscapedString (app/modules/roxywi/class_models.py:16-30) is the centralised Pydantic validator used on dozens of fields including SSH credential name, username,…

  • CVE-2024-13129 · High · Jan 3, 2025
    risk 0.51 · cvss 8.8 · epss 0.18

    A vulnerability was found in Roxy-WI up to 8.1.3. It has been declared as critical. Affected by this vulnerability is the function action_service of the file app/modules/roxywi/roxy.py. The manipulation of the argument action/service leads to os command injection. The attack can…

  • CVE-2026-33208 · High · Apr 24, 2026
    risk 0.50 · cvss 8.8 · epss 0.01

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the /config/<service>/find-in-config endpoint in Roxy-WI fails to sanitize the user-supplied words parameter before embedding it into a shell command string that…

  • CVE-2018-12042 · High · Jun 7, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    Roxy Fileman through v1.4.5 has Directory traversal via the php/download.php f parameter.

  • CVE-2026-45569 · High · Jun 10, 2026
    risk 0.46 · cvss 8.1 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, commit d4d10006 ("Expand validation to block .. in config_file_name and configver for improved security") added a line in app/modules/config/config.py:462. This…

  • CVE-2026-45561 · Medium · Jun 10, 2026
    risk 0.42 · cvss 6.5 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the /smon/agent/{version,uptime,status,checks}/<server_ip> family of routes takes the URL path component verbatim into requests.get(f'http://{server_ip}:{agent_po…
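
The root cause CVE-2026-45561 describes is a path component used as URL text, so whatever an attacker puts in server_ip decides which host, port and path the outbound request reaches. The following is an added example, not Roxy-WI code, showing that pattern next to a version that treats server_ip as a lookup key into the managed-server inventory. The agent port, the route names, the inventory set and the sample inputs are all constructed for the demonstration.

```python
# Added example (not Roxy-WI code): treat a server_ip path component as a
# lookup key into the managed-server inventory, never as raw URL text.
# The agent port, the route names, the inventory and the sample inputs are
# constructed for the demo.
import ipaddress
from urllib.parse import urlsplit

AGENT_PORT = 5101  # assumed agent port for the demo
AGENT_ROUTES = {"version", "uptime", "status", "checks"}

# Constructed stand-in for the servers table: only these hosts run an agent.
KNOWN_SERVERS = {"10.0.0.12", "10.0.0.13", "2001:db8::10"}


def naive_agent_url(server_ip: str, route: str) -> str:
    """The pattern the advisory describes: the path component is dropped straight into the URL."""
    return f"http://{server_ip}:{AGENT_PORT}/{route}"


def effective_target(url: str) -> tuple:
    """Where an HTTP client would actually send the request: (host, port, path)."""
    parts = urlsplit(url)
    return parts.hostname, parts.port, parts.path


def reject_reason(server_ip: str, route: str):
    """Return why the pair is unacceptable, or None if it passes every check."""
    try:
        # ipaddress refuses anything that is not a bare IP literal, so a value
        # carrying ':', '/', '@', '#' or a hostname never reaches the URL.
        addr = ipaddress.ip_address(server_ip)
    except ValueError:
        return "not an IP literal"
    if str(addr) not in KNOWN_SERVERS:
        return "not a managed server"
    if route not in AGENT_ROUTES:
        return "unknown agent route"
    return None


def validated_agent_url(server_ip: str, route: str) -> str:
    """Build the agent URL only from values that passed reject_reason()."""
    reason = reject_reason(server_ip, route)
    if reason is not None:
        raise ValueError(f"rejected {server_ip!r}/{route!r}: {reason}")
    addr = ipaddress.ip_address(server_ip)
    host = f"[{addr}]" if addr.version == 6 else str(addr)  # IPv6 literals need brackets in a URL
    return f"http://{host}:{AGENT_PORT}/{route}"


if __name__ == "__main__":
    hostile = "169.254.169.254:80/latest/meta-data/#"
    print(naive_agent_url(hostile, "version"), effective_target(naive_agent_url(hostile, "version")))
    print(reject_reason(hostile, "version"))
    print(validated_agent_url("10.0.0.12", "status"))
```

The hostile sample shows why a port and a route suffix appended after the value give no protection: the injected `:80` wins as the port and `#` turns everything the application appends into a URL fragment. Checking membership against the inventory, rather than only that the value parses as an IP, is what stops a valid-looking loopback or link-local address from being accepted.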

  • CVE-2026-33077 · High · Apr 24, 2026
    risk 0.42 · cvss 7.5 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the oldconfig parameter in the haproxy_section_save interface has an arbitrary file read vulnerability. Version 8.2.6.4 fixes the issue.

  • CVE-2026-45566 · Medium · Jun 10, 2026
    risk 0.40 · cvss 6.1 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the login flow allow-lists next URLs by rejecting strings containing https:// or http:// substrings, then constructs https://{request.host}{next_url} and the JS…
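
CVE-2026-45566 turns on a deny-list of two substrings standing in for a real check of the post-login next URL. The following is an added example, not Roxy-WI code, that shows the substring check beside a validator which only accepts a same-origin absolute path; the accept and reject rules, and the sample inputs, are assumptions for the demonstration rather than the project's fix.

```python
# Added example (not Roxy-WI code): validating a post-login "next" URL.
# naive_next_allowed() is the shape of check the advisory describes; safe_next()
# is an assumed replacement that accepts only a same-origin absolute path.
from urllib.parse import urlsplit


def naive_next_allowed(next_url: str) -> bool:
    """Block only the literal substrings http:// and https:// (case-sensitive)."""
    return "http://" not in next_url and "https://" not in next_url


def safe_next(next_url: str, default: str = "/") -> str:
    """Return next_url if it is a plain same-origin path, otherwise the default."""
    if not next_url or len(next_url) > 2048:
        return default
    # Browsers treat a backslash as a slash and drop control characters, so
    # "/\evil.example" or "\t//evil.example" would be re-read as "//evil.example".
    if "\\" in next_url or any(ord(c) < 0x20 for c in next_url):
        return default
    try:
        parts = urlsplit(next_url)
    except ValueError:  # e.g. malformed IPv6 brackets
        return default
    if parts.scheme or parts.netloc:  # any scheme in any case, or a //host prefix
        return default
    if not next_url.startswith("/") or next_url.startswith("//"):
        return default
    return next_url


if __name__ == "__main__":
    for sample in ("//evil.example/phish", "HTTP://evil.example", "/\\evil.example",
                   "javascript:alert(1)", "/app/overview?tab=1"):
        print(f"{sample!r:28} naive={naive_next_allowed(sample)!s:5} safe={safe_next(sample)!r}")
```

The point of the allow-list form is that the protocol-relative `//host`, the upper-case scheme and the backslash variants are all rejected without anyone having to anticipate them, and the value the server later prefixes with `https://{request.host}` is guaranteed to start with a single slash.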

  • CVE-2026-45560 · Medium · Jun 10, 2026
    risk 0.40 · cvss 6.1 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, wrap_line (app/modules/common/common.py:181-186) and highlight_word (app/modules/common/common.py:188-192) build raw HTML by string concatenation with no…

  • CVE-2026-33431 · Medium · Apr 20, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the POST /config//show API endpoint accepts a configver parameter that is directly appended to a base directory path to construct a local file path, which is…
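
CVE-2026-45564, CVE-2026-45569 and CVE-2026-33431 above are three views of one problem: a configver or config_file_name value joined onto a base directory, with at most a `..` substring filter in the way. The following is an added example, not Roxy-WI code, showing two inputs that pass such a filter (an absolute path, and a symlink planted inside the base directory) beside a containment check that resolves the path and requires it to stay under the base. The base directory, parameter names and sample values are assumptions for the demonstration; nothing here is the project's fix or the advisories' bypass.

```python
# Added example (not Roxy-WI code): why a ".." substring check is not a
# path-traversal fix, and the containment check that is. The base directory
# name, parameter names and sample values are assumptions for the demo.
import os
import tempfile


def naive_allows(configver: str) -> bool:
    """Shape of the substring filter described in the advisory."""
    return ".." not in configver


def is_within(base_dir: str, candidate: str) -> bool:
    """True only if candidate, after symlink resolution, lies strictly under base_dir."""
    base_real = os.path.realpath(base_dir)
    cand_real = os.path.realpath(candidate)
    return cand_real != base_real and os.path.commonpath([base_real, cand_real]) == base_real


def safe_config_path(base_dir: str, configver: str):
    """Join the way the naive code would, then refuse anything that escapes."""
    # os.path.join discards base_dir entirely when configver is absolute,
    # which is exactly the case the substring check never sees.
    candidate = os.path.join(base_dir, configver)
    return candidate if is_within(base_dir, candidate) else None


def symlink_escape_demo():
    """A symlink inside the base directory defeats the substring check but not realpath."""
    with tempfile.TemporaryDirectory() as tmp:
        base = os.path.join(tmp, "versions")
        os.mkdir(base)
        # Planted by anyone who can write into the versions directory.
        os.symlink("/etc", os.path.join(base, "link"))
        configver = "link/hostname"  # no ".." anywhere in it
        return naive_allows(configver), safe_config_path(base, configver)


if __name__ == "__main__":
    base = "/var/lib/roxy/versions"
    for value in ("haproxy.cfg-2026-06-10", "../../../etc/passwd", "/etc/passwd"):
        print(f"{value!r:26} naive={naive_allows(value)!s:5} safe={safe_config_path(base, value)!r}")
    print("symlink:", symlink_escape_demo())
```

If the value is meant to be a single file name rather than a relative path, an even tighter check is to require `configver == os.path.basename(configver)` before joining; the containment check is still worth keeping underneath it, because it is the one that also covers symlinks.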

  • CVE-2026-45559 · Medium · Jun 10, 2026
    risk 0.32 · cvss 4.9 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, get_ldap_email (app/modules/roxywi/user.py:120-157) builds the LDAP search filter via f-string concatenation. The username URL path parameter is taken verbatim…
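
CVE-2026-33432 (the login path) and CVE-2026-45559 (get_ldap_email) share one root cause: a username concatenated into an LDAP search filter. The following is an added example, not Roxy-WI code, showing that pattern beside the RFC 4515 value escaping that fixes it, with a crude structural probe to make the injected clause visible. The filter shape, the uid attribute and the sample usernames are assumptions for the demonstration.

```python
# Added example (not Roxy-WI code): RFC 4515 escaping for values that are
# interpolated into an LDAP search filter. The attribute names, filter shape
# and sample usernames are assumptions made for the demo.
import re

# RFC 4515 section 3: these characters must be hex-escaped inside a filter value.
_FILTER_ESCAPES = {
    "\\": r"\5c",
    "*": r"\2a",
    "(": r"\28",
    ")": r"\29",
    "\x00": r"\00",
}


def escape_filter_value(value: str) -> str:
    """Escape a user-controlled value so it can only ever be a literal."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def vulnerable_filter(username: str) -> str:
    """The pattern both advisories describe: raw f-string concatenation."""
    return f"(&(objectClass=person)(uid={username}))"


def safe_filter(username: str) -> str:
    """Same filter, with the untrusted part escaped before interpolation."""
    return f"(&(objectClass=person)(uid={escape_filter_value(username)}))"


def count_assertions(flt: str) -> int:
    """Number of leaf (attr=value) assertions in a filter string.

    Crude structural probe for the demo only: a value that smuggles in its
    own parentheses shows up as extra assertions.
    """
    return len(re.findall(r"\([^()]*\)", flt))


if __name__ == "__main__":
    for name in ("jdoe", "*)(objectClass=*"):
        for build in (vulnerable_filter, safe_filter):
            flt = build(name)
            print(f"{build.__name__:18} {count_assertions(flt)} assertions  {flt}")
```

The injected sample adds a third assertion to the AND, so a lookup meant to match one account matches every person object; the escaped form keeps the same two assertions with the attacker's characters reduced to `\2a\29\28`. If ldap3 is already a dependency, `ldap3.utils.conv.escape_filter_chars` performs this escaping; what matters is that it is applied to the value before interpolation, and that a later bind with the user's password does not undo a search that already ran with the injected filter.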

  • CVE-2026-45563 · Medium · Jun 10, 2026
    risk 0.28 · cvss 4.3 · epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, GET /history//<server_ip> re-uses the server_ip path parameter as a user-id when service == 'user', with no authorization check. Any authenticated user…

  • CVE-2018-20525 · Mar 18, 2019
    risk 0.06 · cvss n/a · epss 0.22

    Roxy Fileman 1.4.5 allows Directory Traversal in copydir.php, copyfile.php, and fileslist.php.

  • CVE-2022-31161 · Jul 15, 2022
    risk 0.02 · cvss n/a · epss 0.20

    Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0…

  • CVE-2026-27811 · Mar 17, 2026
    risk 0.00 · cvss n/a · epss 0.02

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.3, a command injection vulnerability exists in the `/config/compare//<server_ip>/show` endpoint, allowing authenticated users to execute arbitrary system…

  • CVE-2026-22265 · Jan 15, 2026
    risk 0.00 · cvss n/a · epss 0.02

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to 8.2.8.2, a command injection vulnerability exists in the log viewing functionality that allows authenticated users to execute arbitrary system commands. The vulnerability is in…

  • CVE-2024-43804 · Aug 29, 2024
    risk 0.00 · cvss n/a · epss 0.03

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. An OS Command Injection vulnerability allows any authenticated user on the application to execute arbitrary code on the web application server via port scanning functionality. User-supplied…

  • CVE-2023-29004 · Apr 17, 2023
    risk 0.00 · cvss n/a · epss 0.01

    hap-wi/roxy-wi is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A Path Traversal vulnerability was found in the current version of Roxy-WI (6.3.9.0 at the moment of writing this report). The vulnerability can be exploited via an HTTP request to…

  • CVE-2023-25804 · Mar 15, 2023
    risk 0.00 · cvss n/a · epss 0.01

    Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.5.0 have a limited path traversal vulnerability. An SSH key can be saved into an unintended location, for example the `/tmp` folder using a payload…

  • CVE-2023-25802 · Mar 13, 2023
    risk 0.00 · cvss n/a · epss 0.01

    Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.6.0 don't correctly neutralize `dir/../filename` sequences, such as `/etc/nginx/../passwd`, allowing an actor to gain information about a server. Version 6.3.6.0 has a…

  • CVE-2023-25803 · Mar 13, 2023
    risk 0.00 · cvss n/a · epss 0.01

    Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.5.0 have a directory traversal vulnerability that allows the inclusion of server-side files. This issue is fixed in version 6.3.5.0.

  • CVE-2022-31125 · Jul 6, 2022
    risk 0.00 · cvss n/a · epss 0.16

    Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to bypass authentication and access admin functionality by sending a specially crafted HTTP request. This…

  • CVE-2021-38168 · Aug 7, 2021
    risk 0.00 · cvss n/a · epss 0.01

    Roxy-WI through 5.2.2.0 allows authenticated SQL injection via select_servers.

  • CVE-2021-38169 · Aug 7, 2021
    risk 0.00 · cvss n/a · epss 0.02

    Roxy-WI through 5.2.2.0 allows command injection via /app/funct.py and /api/api_funct.py.

  • CVE-2019-7174 · Apr 9, 2019
    risk 0.00 · cvss n/a · epss 0.02

    Roxy Fileman 1.4.5 allows attackers to execute renamefile.php (aka Rename File), createdir.php (aka Create Directory), fileslist.php (aka Echo File List), and movefile.php (aka Move File) operations.