Access Control: nginxWebUI ≤ 3.5.0 runCmd - Remote Command Execution
Identifier:
nginxwebui_runcmd_rce
Scanner(s) Support
| GraphQL Scanner | REST Scanner | WebApp Scanner | ASM Scanner |
|---|---|---|---|
Description
The runCmd feature of nginxWebUI (versions up to and including 3.5.0) is vulnerable to remote command execution because user input is not fully validated, allowing an attacker to execute arbitrary commands without authorization.
How we test: We test for remote command execution in the nginxWebUI runCmd feature by sending command-injection payloads and analyzing the responses to determine whether arbitrary commands can be executed.
Reference:
- https://github.com/qingchenhh/qc_poc/blob/main/Goby/nginxWebUI_runCmd_rce.go
- https://www.ctfiot.com/124166.html
- https://www.sangfor.com/farsight-labs-threat-intelligence/cybersecurity/nginxwebui-runcmd-remote-command-execution-vulnerability
Configuration
Example
Example configuration:
Reference
skip
Type: boolean
Skip the test if true.