← back
CVE-2022-31161

Roxy-WI Vulnerable to Unauthenticated Remote Code Execution via ssl_cert Upload

CVSS 10 CRITICALEPSS 20.1%CWE-77CWE-94
Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for this issue.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
Affected products
hap-wi · roxy-wi
public PoCs found2
cve_referencepacketstormsecurity.com/files/171652/Roxy-WI-6.1.1.0-Remote-Code-Execution.htmlunverifiedexploitdbwww.exploit-db.com/exploits/51228unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/171652/Roxy-WI-6.1.1.0-Remote-Code-Execution.htmlhttps://github.com/hap-wi/roxy-wi/releases/tag/v6.1.1.0https://github.com/hap-wi/roxy-wi/security/advisories/GHSA-pg3w-8p63-x483