Security
Headlines
HeadlinesLatestCVEs

Tag

#nginx

CVE-2023-25804: Limited Path Traversal in name parameter hap-wi/roxy-wi

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.5.0 have a limited path traversal vulnerability. An SSH key can be saved into an unintended location, for example the `/tmp` folder using a payload `../../../../../tmp/test111_dev`. This issue has been fixed in version 6.3.5.0.

CVE
#vulnerability#web#apache#git#nginx#ssh
CVE-2023-25803: Directory Traversal vulnerability in hap-wi/roxy-wi

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.5.0 have a directory traversal vulnerability allows the inclusion of server-side files. This issue is fixed in version 6.3.5.0.

CVE-2023-25802: v6.3.6.0 · hap-wi/roxy-wi@0054f25

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.6.0 don't correctly neutralize `dir/../filename` sequences, such as `/etc/nginx/../passwd`, allowing an actor to gain information about a server. Version 6.3.6.0 has a patch for this issue.

CVE-2023-0628: Docker Desktop release notes

Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking an user to open a crafted malicious docker-desktop:// URL.

CVE-2023-20088: Cisco Security Advisory: Cisco Finesse Reverse Proxy VPN-less Access to Finesse Desktop Denial of Service Vulnerability

A vulnerability in the nginx configurations that are provided as part of the VPN-less reverse proxy for Cisco Finesse could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition for new and existing users who are connected through a load balancer. This vulnerability is due to improper IP address filtering by the reverse proxy. An attacker could exploit this vulnerability by sending a series of unauthenticated requests to the reverse proxy. A successful exploit could allow the attacker to cause all current traffic and subsequent requests to the reverse proxy through a load balancer to be dropped, resulting in a DoS condition.

All CVEs Are Not Created Equal

Vulnerabilities impact each industry differently, so each sector needs to think about its defenses and vulnerability management differently.

GHSA-7968-h4m4-ghm9: No protection against brute-force attacks on login page

### Impact Previous versions of Kiwi TCMS do not impose rate limits which makes it easier to attempt brute-force attacks against the login page. ### Patches Users should upgrade to v12.0 or later. ### Workarounds Users may install and configure a rate-limiting proxy in front of Kiwi TCMS. For example nginx. ### References [Disclosed by spyata](https://huntr.dev/bounties/2b1a9be9-45e9-490b-8de0-26a492e79795/)

GHSA-7j9h-3jxf-3vrf: Denial of service vulnerability on Password reset page

### Impact Previous versions of Kiwi TCMS do not impose rate limits which makes it easier to attempt denial-of-service attacks against the Password reset page. An attacker could potentially send a large number of emails if they know the email addresses of users in Kiwi TCMS. Additionally that may strain SMTP resources. ### Patches Users should upgrade to v12.0 or later. ### Workarounds Users may install and configure a rate-limiting proxy in front of Kiwi TCMS such as Nginx and/or configure rate limits on their email server when possible. ### References [Disclosed by Ahmed Rabeaa Mosaa](https://huntr.dev/bounties/3b712cb6-3fa3-4f71-8562-7a7016c6262e)

CVE-2023-25171: Denial of service vulnerability on Password reset page

Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt denial-of-service attacks against the Password reset page. An attacker could potentially send a large number of emails if they know the email addresses of users in Kiwi TCMS. Additionally that may strain SMTP resources. Users should upgrade to v12.0 or later to receive a patch. As potential workarounds, users may install and configure a rate-limiting proxy in front of Kiwi TCMS and/or configure rate limits on their email server when possible.