CVE-2024-46256

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
2
PROJECTS

Description

A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an attacker to RCE via Add Let's Encrypt Certificate.

NginxProxyManager/nginx-proxy-manager
NginxProxyManager/nginx-proxy-manager
Docker container for managing Nginx proxy hosts with a simple, powerful interface
GitHubGitHub
33.4K
barttran2k/POC_CVE-2024-46256
barttran2k/POC_CVE-2024-46256
POC_CVE-2024-46256
GitHubGitHub
6